CVE-2024-0235
EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Email Address Disclosure
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users on the blog
We have discovered 13,983 live websites that are affected by CVE-2024-0235.
Affected Software
| Product | |
| Category | Appointment Scheduling |
| Vulnerable Versions |
|
| Total Vulnerable Versions | 194 |
| Vulnerable Domains | 13,983 live websites (84.34% of EventOn install base) |
Distribution by Website Rank
The diagram provides a graphic representation of the correlation between the occurrence of CVE-2024-0235 and the relative popularity of websitesDetails
- Published - Jan 16, 2024
- Updated - Feb 5, 2024
Credits
- Erwan LR (WPScan) (finder)
- WPScan (coordinator)
CWE
CVE References
CWE References
Countries
 United States | 4,470 websites |
 Germany | 1,382 websites |
 France | 1,107 websites |
 Spain | 709 websites |
 Italy | 691 websites |
 GB | 681 websites |
 Netherlands | 524 websites |
 Canada | 462 websites |
 Brazil | 298 websites |
 Australia | 288 websites |
TLDs
| .com | 4,887 websites |
| .org | 1,849 websites |
| .de | 964 websites |
| .fr | 468 websites |
| .it | 464 websites |
| .nl | 444 websites |
| .co.uk | 343 websites |
| .net | 276 websites |
| .es | 275 websites |
| .ch | 222 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redGeographical Distribution
The distribution of websites across the globe that are exposed to CVE-2024-0235 through included software libraries and plugins.Websites affected by CVE-2024-0235
Top websites that are affected by CVE-2024-0235. Please click on the "Contact us" button above to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *************.pl |  Poland | **,*** | |
| *********************.org | United States | **,*** | |
| *****************.hr |  Croatia | **,*** | |
| ****.hr | Croatia | **,*** | |
| ***.*******.org | United States | **,*** | |
| ***.org | United States | **,*** | |
| ***********.com | United States | **,*** | |
| *****.gov | United States | **,*** | |
| *******.com | United States | **,*** | |
| ***.************.org | United States | **,*** |