CVE-2021-24585
Timetable and Event Schedule by MotoPress <= 2.3.19 - Arbitrary User's Hashed Password/Email/Username Disclosure
mediumExposure of Sensitive Information to an Unauthorized Actor
6.5
CVSS Score
6.5
CVSS Score
medium
Severity
2.4.0
Patched in
883d
Time to patch
Description
The Timetable and Event Schedule WordPress plugin before 2.4.0 outputs the Hashed Password, Username and Email Address (along other less sensitive data) of the user related to the Even Head of the Timeslot in the response when requesting the event Timeslot data with a user with the edit_posts capability. Combined with the other Unauthorised Event Timeslot Modification issue (https://wpscan.com/reports/submissions/4699/) where an arbitrary user ID can be set, this could allow low privilege users with the edit_posts capability (such as author) to retrieve sensitive User data by iterating over the user_id
CVSS Vector Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NAttack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
High
Confidentiality
None
Integrity
None
Availability
Technical Details
Affected versions
<=2.3.19PublishedAugust 23, 2021
Last updatedJanuary 22, 2024
Affected pluginmp-timetable
Check if your site is affected.
Run a free security audit to detect vulnerable plugins, outdated versions, and misconfigurations.