CVE-2023-2796 — The EventON WordPress plugin before 2.1.2 lacks authentication and authorization in its eventon_ics_download ajax action, allowing unauthenticated visitors to access private and password protected Eve — CVE Database · The Intelligence Room