Security Advisory

CVE-2021-24146

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-03-18 14:57:50

Last updated 2024-08-03 19:21:18

Assigner WPScan

State PUBLISHED

Description

Lack of authorisation checks in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not properly restrict access to the export files, allowing unauthenticated users to exports all events data in CSV or XML format for example.

← Browse all CVEs View on cve.org ↗