📦 Modern Events Calendar Lite

Name: Modern Events Calendar Lite
Author: Webnus

by Webnus

🔍 What is Modern Events Calendar Lite?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2021-24946

CRITICAL CVSS 9.8 Dec 13, 2021

This is an unauthenticated SQL injection vulnerability in the Modern Events Calendar Lite WordPress plugin. Attackers can exploit it by sending specially crafted requests to the mec_load_single_page A...

CVE-2024-6522

HIGH CVSS 8.5 Aug 7, 2024

The Modern Events Calendar WordPress plugin contains a Server-Side Request Forgery (SSRF) vulnerability that allows authenticated attackers with Subscriber-level access or higher to make arbitrary web...

CVE-2024-5441

HIGH CVSS 8.8 Jul 9, 2024

The Modern Events Calendar WordPress plugin allows arbitrary file uploads due to missing file type validation in the set_featured_image function. This enables authenticated attackers (subscriber-level...

CVE-2021-24145

HIGH CVSS 7.2 Mar 18, 2021

This vulnerability allows authenticated WordPress administrators to upload arbitrary PHP files disguised as CSV files in the Modern Events Calendar Lite plugin. Attackers can achieve remote code execu...