CVE-2025-47539 Scanner
CVE-2025-47539 Scanner - Privilege Escalation vulnerability in Eventin
Short Info
Level: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 20 days 4 hours
Scan only one: Domain, Subdomain, IPv4
Toolbox: -
Eventin is a popular WordPress plugin for event management, offering features such as ticketing, registration, and scheduling for various types of events. It is commonly used by small-to-medium enterprises, event managers, and individuals who need to manage and display events on their WordPress sites. The plugin aims to simplify event setup, offering an easy user interface and integration with other tools, and is available to anyone with a WordPress site needing advanced event management capabilities. This wide applicability means the plugin lets users manage complex event logistics with little effort. Because of its ease of use, Eventin has become a popular choice for non-technical users as well.
The vulnerability detected in this version of Eventin allows unauthenticated users to escalate privileges through a REST API endpoint that lacks proper permission checks. It allows attackers to import users into WordPress with arbitrary roles, including high-privilege roles such as administrator. If exploited, the oversight could result in a full compromise of the WordPress site. Privilege escalation vulnerabilities are critical because they can turn any authenticated session into one with full administrative access. The CVSS score of 9.8 reflects the severity and critical nature of this flaw in the plugin.
Technical details reveal that the vulnerable endpoint is '/wp-json/eventin/v2/speakers/import?_locale=user'. An attacker can exploit it by sending a POST request with a JSON payload that specifies a user's role as 'administrator'. The core issue is a lack of authorization checks before user roles are processed during import. The vulnerability primarily affects an endpoint designed for importing speaker data into the plugin. This missing validation allows users with escalated privileges to be imported, posing severe security risks.
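A site owner who cannot patch immediately will usually want to know whether this endpoint has been hit. The script below is an added example, not code from the scanner page or from the Eventin project: it parses web server access logs in the Apache/nginx "combined" format (an assumption about the log layout) and flags POST requests to the speakers import route. It also recognises the generic WordPress '/?rest_route=' form of a REST call, which the page does not mention but which reaches the same handler on any WordPress install. The log lines are constructed for the example; the IP addresses are documentation ranges, not real hosts.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, unquote, urlsplit

# Assumption: Apache/nginx "combined" log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+'
)

# REST route whose missing permission check is described on this page.
WATCHED_ROUTE = "/eventin/v2/speakers/import"

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [12/May/2025:10:15:01 +0000] "POST /wp-json/eventin/v2/speakers/import?_locale=user HTTP/1.1" 200 143 "-" "python-requests/2.31"
198.51.100.23 - - [12/May/2025:10:16:44 +0000] "GET /wp-json/eventin/v2/events HTTP/1.1" 200 2310 "-" "Mozilla/5.0"
203.0.113.7 - - [12/May/2025:10:17:02 +0000] "POST /?rest_route=%2Feventin%2Fv2%2Fspeakers%2Fimport HTTP/1.1" 200 143 "-" "curl/8.5"
192.0.2.10 - - [12/May/2025:10:18:10 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""


def rest_route_of(target):
    """Return the WordPress REST route a request targets, or None.

    Handles both the pretty form (/wp-json/<route>) and the
    query-string form (/?rest_route=/<route>), with percent-decoding.
    """
    parts = urlsplit(target)
    path = unquote(parts.path).rstrip("/")
    if path.startswith("/wp-json/"):
        return path[len("/wp-json"):]
    query = parse_qs(parts.query)  # parse_qs already percent-decodes values
    if "rest_route" in query:
        return unquote(query["rest_route"][0]).rstrip("/")
    return None


def parse_line(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    match = LOG_RE.match(line)
    return match.groupdict() if match else None


def find_import_posts(lines):
    """Return a finding for every POST to the speakers import route."""
    findings = []
    for line in lines:
        entry = parse_line(line)
        if entry is None or entry["method"] != "POST":
            continue
        route = rest_route_of(entry["target"])
        if route == WATCHED_ROUTE:
            findings.append({
                "ip": entry["ip"],
                "ts": entry["ts"],
                "status": entry["status"],
                "route": route,
                # A 2xx answer means the server accepted the request body;
                # treat those as the ones to investigate first.
                "accepted": entry["status"].startswith("2"),
            })
    return findings


def summarize(findings):
    """Count flagged requests per source IP."""
    return Counter(f["ip"] for f in findings)


if __name__ == "__main__":
    hits = find_import_posts(SAMPLE_LOG.splitlines())
    for hit in hits:
        print(f'{hit["ts"]} {hit["ip"]} -> {hit["route"]} ({hit["status"]})')
    print("per-source counts:", dict(summarize(hits)))
```

Run it against a real access log by replacing SAMPLE_LOG with the file contents. Any accepted POST to this route from a source that is not a known administrator session is worth correlating with the wp_users table for accounts created around the same timestamp.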
Exploitation of this vulnerability could give unauthorized users administrative access to the WordPress site, leading to altered settings, installation of malicious plugins, or complete takeover of the website. Further repercussions include data theft, introduction of backdoors, and use of the platform for malicious activities such as phishing campaigns. Any sensitive data present on or accessible through the site can be compromised, severely affecting the site's users and owners.