'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

RULE(RULE ID:345063)

Rule General Information
Release Date: 2026-06-12
Rule Name: EventOn Information Disclosure Vulnerability (CVE-2024-0235)
Severity:
CVE ID:
Rule Protection Details
Description: The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users on the blog
Impact: An attacker can abtain sensitive information of the target victim, and do malicious actions to gain profits using the information.
Affected OS: Windows, Linux, Others
Reference: https://wpscan.com/vulnerability/e370b99a-f485-42bd-96a3-60432a15a4e9/
https://wpscan.com/vulnerability/e370b99a-f485-42bd-96a3-60432a15a4e9/
Solutions
Please refer to announcements or patches release by the vendor: https://wpscan.com/vulnerability/e370b99a-f485-42bd-96a3-60432a15a4e9/