2024-01-22 19:14:30
WPScan
PUBLISHED
The EventPrime WordPress plugin before 3.3.6 lacks authentication and authorization, allowing unauthenticated visitors to access private and password protected Events by guessing their numeric id/event name.