CSRF Vulnerability in Quick Event Calendar Plugin for WordPress
CVE-2025-27360
4.3MEDIUM
What is CVE-2025-27360?
A Cross-Site Request Forgery (CSRF) vulnerability exists in the Quick Event Calendar plugin for WordPress, allowing attackers to perform unauthorized actions on behalf of an authenticated user. This issue affects all versions from n/a through 1.4.9, making it critical for users to secure their installations and update to the latest version to mitigate potential risks.
Affected Version(s)
Quick Event Calendar <= 1.4.9