CVE-2026-2694 | Events Calendar Plugin up to 6.15.16 on WordPress can_edit/can_delete improper authorization

Inserito da Angelo Barbosa | Feb 25, 2026 | CVE

A vulnerability described as critical has been identified in Events Calendar Plugin up to 6.15.16 on WordPress. This issue affects the function can_edit/can_delete. Executing a manipulation can lead to improper authorization.

This vulnerability appears as CVE-2026-2694. The attack may be performed from remote. There is no available exploit.

CVE-2026-2694 | Events Calendar Plugin up to 6.15.16 on WordPress can_edit/can_delete improper authorization

Post correlati

CVE-2024-41631 | host-host NEUQ_board 1.0 password.h denial of service

CVE-2025-11658 | ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59 changeSllyabus.php File unrestricted upload

CVE-2024-8414 | SourceCodester Insurance Management System 1.0 cross-site request forgery

CVE-2024-7851 | SourceCodester Yoga Class Registration System 1.0 Add User Users.php improper authorization