Description
WordPress Plugin Modern Events Calendar Lite is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently modify plugin's settings. WordPress Plugin Modern Events Calendar Lite version 5.1.6 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 5.1.8 or latest
References
Related Vulnerabilities
Nginx Improper Input Validation Vulnerability (CVE-2011-4968)
SharePoint CVE-2023-36894 Vulnerability (CVE-2023-36894)
WordPress Plugin WP-ViperGB Cross-Site Request Forgery (1.3.10)
Oracle Database Server CVE-2011-0793 Vulnerability (CVE-2011-0793)
Werkzeug WSGI URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-28724)