CVE-2024-50483

CRITICAL

Tareq Hasan Meetup <= 0.1 - Privilege Escalation via Authorization Bypass

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-50483. PoCs published by RandomRobbieBF.

AI-analyzed exploit summary This PoC demonstrates an authentication bypass vulnerability in the Meetup WordPress plugin (versions <= 0.1) by exploiting improper identity verification in the `facebook_register()` function. It allows unauthenticated attackers to log in as any user by sending a crafted POST request with the target's email address.

Description

Authorization Bypass Through User-Controlled Key vulnerability in Tareq Hasan Meetup meetup allows Privilege Escalation.This issue affects Meetup: from n/a through <= 0.1.

Exploits (1)

nomisec WORKING POC 2 stars
by RandomRobbieBF · poc
https://github.com/RandomRobbieBF/CVE-2024-50483

This PoC demonstrates an authentication bypass vulnerability in the Meetup WordPress plugin (versions <= 0.1) by exploiting improper identity verification in the `facebook_register()` function. It allows unauthenticated attackers to log in as any user by sending a crafted POST request with the target's email address.

Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Meetup WordPress plugin <= 0.1
No auth needed
Prerequisites: knowledge of the target user's email address
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 9.8
EPSS 0.0238
EPSS Percentile 81.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-639
Status published
Products (2)
Tareq Hasan/Meetup < 0.1
tareqhasan/meetup < 0.1
Published Oct 28, 2024
Tracked Since Feb 18, 2026