CVE-2025-48246Missing Authorization in THE Events Calendar

CWE-862Missing Authorization3 documents3 sources
Severity
N/A
No vector
EPSS
0.1%
top 69.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Stellarwp THE Events Calendar
Timeline
PublishedMay 19

Description

Missing Authorization vulnerability in StellarWP The Events Calendar the-events-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Events Calendar: from n/a through <= 6.11.2.1.

Affected Packages1 packages

CVEListV5stellarwp/the_events_calendar6.11.2.1

🔴Vulnerability Details

2
CVEList
WordPress The Events Calendar plugin <= 6.11.2.1 - Broken Access Control Vulnerability2025-05-19
GHSA
GHSA-qcf6-9r7h-r3r4: Missing Authorization vulnerability in The Events Calendar The Events Calendar allows Exploiting Incorrectly Configured Access Control Security Levels2025-05-19
CVE-2025-48246 — Missing Authorization | cvebase