cve-2024-13457
Vulnerability from cvelistv5
Published
2025-01-30 06:41
Modified
2025-01-30 15:09
Severity ?
EPSS score ?
0.05%
(0.1949)
Summary
The Event Tickets and Registration plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.18.1 via the tc-order-id parameter due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to view order details of orders they did not place, which includes ticket prices, user emails and order date.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
theeventscalendar | Event Tickets and Registration |
Version: * ≤ 5.18.1 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-13457", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-30T15:09:01.788378Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-30T15:09:12.419Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Event Tickets and Registration", vendor: "theeventscalendar", versions: [ { lessThanOrEqual: "5.18.1", status: "affected", version: "*", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Whit Taylor", }, ], descriptions: [ { lang: "en", value: "The Event Tickets and Registration plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.18.1 via the tc-order-id parameter due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to view order details of orders they did not place, which includes ticket prices, user emails and order date.", }, ], metrics: [ { cvssV3_1: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284 Improper Access Control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-30T06:41:07.956Z", orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", shortName: "Wordfence", }, references: [ { url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/0cc2261a-889e-40ec-8382-48de65b91b34?source=cve", }, { url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3229935%40event-tickets%2Ftags%2F5.18.1.1&old=3227011%40event-tickets%2Ftags%2F5.18.1", }, ], timeline: [ { lang: "en", time: "2025-01-29T18:25:56.000+00:00", value: "Disclosed", }, ], title: "Event Tickets <= 5.18.1 - Insecure Direct Object Reference to Sensitive Information Exposure", }, }, cveMetadata: { assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", assignerShortName: "Wordfence", cveId: "CVE-2024-13457", datePublished: "2025-01-30T06:41:07.956Z", dateReserved: "2025-01-16T14:57:20.404Z", dateUpdated: "2025-01-30T15:09:12.419Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2024-13457\",\"sourceIdentifier\":\"security@wordfence.com\",\"published\":\"2025-01-30T07:15:07.067\",\"lastModified\":\"2025-02-07T15:34:15.553\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Event Tickets and Registration plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.18.1 via the tc-order-id parameter due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to view order details of orders they did not place, which includes ticket prices, user emails and order date.\"},{\"lang\":\"es\",\"value\":\"El complemento Event Tickets and Registration para WordPress es vulnerable a la referencia directa a objetos inseguros en todas las versiones hasta la 5.18.1 y incluida a través del parámetro tc-order-id debido a la falta de validación en una clave controlada por el usuario. Esto permite que atacantes no autenticados vean los detalles de pedidos que no realizaron, lo que incluye precios de entradas, correos electrónicos de usuarios y fecha de pedido.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@wordfence.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"security@wordfence.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-639\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liquidweb:event_tickets:*:*:*:*:free:wordpress:*:*\",\"versionEndExcluding\":\"5.18.1.1\",\"matchCriteriaId\":\"E95B39E1-F908-4705-9A7D-C4841872552B\"}]}]}],\"references\":[{\"url\":\"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3229935%40event-tickets%2Ftags%2F5.18.1.1&old=3227011%40event-tickets%2Ftags%2F5.18.1\",\"source\":\"security@wordfence.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://www.wordfence.com/threat-intel/vulnerabilities/id/0cc2261a-889e-40ec-8382-48de65b91b34?source=cve\",\"source\":\"security@wordfence.com\",\"tags\":[\"Third Party Advisory\"]}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-13457\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-30T15:09:01.788378Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-30T15:08:54.780Z\"}}], \"cna\": {\"title\": \"Event Tickets <= 5.18.1 - Insecure Direct Object Reference to Sensitive Information Exposure\", \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Whit Taylor\"}], \"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\"}}], \"affected\": [{\"vendor\": \"theeventscalendar\", \"product\": \"Event Tickets and Registration\", \"versions\": [{\"status\": \"affected\", \"version\": \"*\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.18.1\"}], \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-01-29T18:25:56.000+00:00\", \"value\": \"Disclosed\"}], \"references\": [{\"url\": \"https://www.wordfence.com/threat-intel/vulnerabilities/id/0cc2261a-889e-40ec-8382-48de65b91b34?source=cve\"}, {\"url\": \"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3229935%40event-tickets%2Ftags%2F5.18.1.1&old=3227011%40event-tickets%2Ftags%2F5.18.1\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The Event Tickets and Registration plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.18.1 via the tc-order-id parameter due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to view order details of orders they did not place, which includes ticket prices, user emails and order date.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-284\", \"description\": \"CWE-284 Improper Access Control\"}]}], \"providerMetadata\": {\"orgId\": \"b15e7b5b-3da4-40ae-a43c-f7aa60e62599\", \"shortName\": \"Wordfence\", \"dateUpdated\": \"2025-01-30T06:41:07.956Z\"}}}", cveMetadata: "{\"cveId\": \"CVE-2024-13457\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-30T15:09:12.419Z\", \"dateReserved\": \"2025-01-16T14:57:20.404Z\", \"assignerOrgId\": \"b15e7b5b-3da4-40ae-a43c-f7aa60e62599\", \"datePublished\": \"2025-01-30T06:41:07.956Z\", \"assignerShortName\": \"Wordfence\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.