# EventON-Lite-CVE-Report
Disclosure for CVE-2025-8091
# CVE-2025-8091 - Vulnerability in EventON Lite
This repository discloses a vulnerability discovered in [EventON Lite <= 2.4.6](https://google.com), a WordPress plugin developed by Ashan Perera.
## 🛠 Affected Version
- **Product**: EventON Lite
- **Version**: v2.4.6
- **URL**: https://wordpress.org/plugins/eventon-lite/
---
## 🔒 Assigned CVE
| CVE ID | Type | Component | Impact |
|-------------------|---------------------------|--------------------------|---------------------------|
| CVE-2025-8091 | Exposure of Sensitive Information to an Unauthorized Actor | class-calendar-generator.php | Authenticated (Contributor+) Information Disclosure |
---
## 🧾 Detailed Description
### CVE-2025-8091 — Authenticated (Contributor+) Information Disclosure
- **Affected Component**: get_single_event_data()
- **Attack Vector**: Specify any event ID, including private or draft posts
- **Trigger**: An authenticated user passes the target event ID to the API/endpoint
- **Impact**: Disclosure of sensitive details from unpublished events created by an administrator, including title, full description, custom fields, location, and organizer information
- **PoC**:
1. Log in as a Contributor.
2. Guess the sequential event ID and view the private information using the following shortcode: `[add_single_eventon id="xxxx"]`
3. Running the preview causes the information leakage.
## ❓Reason for the vulnerability
The `post_type` parameter is not properly validated, so the query can retrieve unintended post types, including private or draft events.
### Proposed Fix:
- Explicitly whitelist the allowed `post_type` before executing the query.
- Apply proper capability checks such as `current_user_can('read_private_ajde_events')` for private content.
- Limit `post_status` to `publish` for users without the necessary privileges.
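As an added example (not the plugin's own code), the following PHP helper shows one way to apply all three mitigations when resolving an event by ID. It assumes the event post type is `ajde_events` (inferred from the capability name `read_private_ajde_events` above); the function name is hypothetical.

```php
<?php
// Added example, not code from EventON Lite. Resolves a single event by ID
// while allow-listing the post type and restricting post_status by capability.
// Assumption: the event post type is 'ajde_events' (inferred from the
// 'read_private_ajde_events' capability); the function name is hypothetical.

function hardened_get_single_event( $event_id ) {
    $event_id = absint( $event_id );
    if ( 0 === $event_id ) {
        return null; // reject non-numeric or zero IDs before touching the DB
    }

    // 1. Allow-list the post type before querying; no other type is reachable
    //    through this code path, whatever ID the caller supplies.
    $allowed_post_types = array( 'ajde_events' );

    // 2. Unprivileged users may see only published events. Only a user holding
    //    the plugin's private-read capability may also resolve private ones.
    //    Drafts and pending posts are never returned by this path.
    $allowed_statuses = array( 'publish' );
    if ( current_user_can( 'read_private_ajde_events' ) ) {
        $allowed_statuses[] = 'private';
    }

    $query = new WP_Query( array(
        'p'              => $event_id,
        'post_type'      => $allowed_post_types,
        'post_status'    => $allowed_statuses,
        'posts_per_page' => 1,
        'no_found_rows'  => true,
    ) );

    if ( ! $query->have_posts() ) {
        return null; // wrong type, disallowed status, or no such post
    }
    $post = $query->posts[0];

    // 3. Defence in depth: re-verify the fetched post against the allow-lists,
    //    so a filter that alters the query cannot widen what is returned.
    if ( ! in_array( $post->post_type, $allowed_post_types, true )
        || ! in_array( $post->post_status, $allowed_statuses, true ) ) {
        return null;
    }

    return array(
        'id'          => $post->ID,
        'title'       => get_the_title( $post ),
        'description' => $post->post_content,
    );
}
```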
## 🔍 Discoverer
**Name**: MooseLove
**Role**: Independent security researcher / bug hunter
**Contact**: Available upon request
**PGP**: Provided to MITRE during CVE request
---
## 📚 References
- Product: https://wordpress.org/plugins/eventon-lite/
---
## ⚠️ License
This advisory is provided for public security awareness. Free to share with attribution.