Missing Authorization Vulnerability in Metagauss EventPrime Event Calendar Management
CVE-2026-24380
5.3MEDIUM
What is CVE-2026-24380?
A missing authorization vulnerability exists in the Metagauss EventPrime event calendar management plugin, allowing an attacker to exploit incorrectly configured access control security levels. This issue affects versions of EventPrime up to 4.2.8.0, potentially enabling unauthorized users to gain access to restricted functionality and sensitive data.
Affected Version(s)
EventPrime 0 <= 4.2.8.0