Missing Authorization Vulnerability in Metagauss EventPrime Event Calendar Management
CVE-2026-24380
Currently unrated
What is CVE-2026-24380?
A missing authorization vulnerability exists in the Metagauss EventPrime event calendar management plugin, allowing an attacker to exploit incorrectly configured access control security levels. This issue affects versions of EventPrime up to 4.2.8.0, potentially enabling unauthorized users to gain access to restricted functionality and sensitive data.
Affected Version(s)
EventPrime <= n/a
References
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Bao - BlueRock | Patchstack Bug Bounty Program