Description
WordPress Plugin Modern Events Calendar Lite is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently modify plugin's settings. WordPress Plugin Modern Events Calendar Lite version 5.1.6 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 5.1.8 or latest
References
Related Vulnerabilities
Liferay DXP CVE-2020-15840 Vulnerability (CVE-2020-15840)
ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3835)
WordPress Plugin Elementor Website Builder Unspecified Vulnerability (1.8.8)
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3092)