Webnus Modern_events_calendar
2 CVEs affecting Webnus Modern_events_calendar. Latest disclosed: 2024-08-07. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-5441 | High | 8.8 | 2024-07-09 | The Modern Events Calendar plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the set_featured_image function… |
CVE-2024-6522 | High | 8.5 | 2024-08-07 | The Modern Events Calendar plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.12.1 via the 'mec_fes_form… |