CVE-2026-2694 | Events Calendar Plugin up to 6.15.16 on WordPress can_edit/can_delete improper authorization

Inserito da Angelo Barbosa | Feb 25, 2026 | CVE

A vulnerability described as critical has been identified in Events Calendar Plugin up to 6.15.16 on WordPress. This issue affects the function can_edit/can_delete. Executing a manipulation can lead to improper authorization.

This vulnerability appears as CVE-2026-2694. The attack may be performed from remote. There is no available exploit.

CVE-2026-2694 | Events Calendar Plugin up to 6.15.16 on WordPress can_edit/can_delete improper authorization

Post correlati

CVE-2022-50073 | Linux Kernel up to faa3baa2828c5e1c4374f3e60041f75c64f5fcb6 tap.c dev_parse_header_protocol null pointer dereference

CVE-2025-54090 | Apache HTTP Server 2.4.64 RewriteCond incorrect check of function return value

CVE-2024-9046 | Lenovo stARstudio prior 2020.3.12.34806 uncontrolled search path

CVE-2023-50310 | IBM CICS Transaction Gateway for Multiplatforms 9.2/9.3 insufficiently protected credentials