CVE-2024-0236
EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Virtual Event Password DisclosureThe EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary virtual events, including any meeting password set (for example for Zoom)
We have discovered 13,983 live websites that are affected by CVE-2024-0236.
Contact us to get more info
Common Weakness Enumeration
CWE-862 Missing Authorization
Distribution by Website Rank
The diagram provides a graphic representation of the correlation between the occurrence of CVE-2024-0236 and the relative popularity of websites