This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login.
Q1. What is this vulnerability? (Essence + Consequences)
**Essence**: The EventON plugin fails to validate `event_id` in `eventon_ics_download`.
**Consequences**: Unauthenticated access to the content of **any** post, including unpublished and protected posts.
Q2. Root cause? (CWE/Flaw)
**Root Cause**: Insecure Direct Object Reference (IDOR).
**Flaw**: The handler never verifies that `event_id` refers to a valid Event object before serving its data.
Q3. Who is affected? (Versions/Components)
**Affected**: WordPress plugin **EventON**.
**Version**: **< 2.1.2**.
**Platform**: WordPress sites using this calendar plugin.
Q4. What can hackers do? (Privileges/Data)
**Hackers Can**: Read the content of **any** post via the ICS export.
**Data**: Includes **unpublished** and **protected** posts.
**Privileges**: No login required (unauthenticated).
Q5. Is the exploitation threshold high? (Auth/Config)
**Threshold**: **LOW**.
**Auth**: None needed.
**Config**: Only the numeric ID of the target post is needed, and post IDs are easy to enumerate.
Q6. Is there a public exploit? (PoC/Wild Exploitation)
**Public Exploit?**: **YES**.
**PoC**: Available via Nuclei templates and PacketStorm.
**Wild Exploitation**: High risk because of the attack's simplicity.
Q7. How to self-check? (Features/Scanning)
**Self-Check**: Scan for EventON versions below 2.1.2.
**Test**: Request `eventon_ics_download` with arbitrary post IDs and check whether content is returned.
**Tools**: Use Nuclei or WPScan.
Q8. Is it fixed officially? (Patch/Mitigation)
**Fixed?**: **YES**.
**Patch**: Upgrade EventON to **version 2.1.2 or later**.
**Action**: Update immediately via the WordPress dashboard.