Display Eventbrite Events
Monthly
Missing authorization in the fullworks Display Eventbrite Events WordPress plugin through version 6.5.6 allows unauthenticated remote attackers to modify plugin data via incorrectly configured access control mechanisms. The vulnerability enables integrity attacks (CWE-862: Missing Authorization) without requiring authentication or user interaction, affecting the plugin's REST API or admin functions. EPSS score of 0.02% indicates extremely low real-world exploitation probability despite the network-accessible attack vector.
Missing authorization in the fullworks Display Eventbrite Events WordPress plugin through version 6.5.6 allows unauthenticated remote attackers to modify plugin data via incorrectly configured access control mechanisms. The vulnerability enables integrity attacks (CWE-862: Missing Authorization) without requiring authentication or user interaction, affecting the plugin's REST API or admin functions. EPSS score of 0.02% indicates extremely low real-world exploitation probability despite the network-accessible attack vector.