Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

Modern Events Calendar Lite — Vulnerabilities & Security Advisories 15

All 15 CVE vulnerabilities found in Modern Events Calendar Lite, with AI-generated Chinese analysis, references, and POCs.

This page documents security weaknesses associated with the Modern Events Calendar Lite plugin, categorized under WordPress vulnerability aggregations. It collects publicly disclosed security issues affecting this specific product, covering the period from its initial release through to the present day. By aggregating data from vendor advisories and third-party security repositories, the page provides a comprehensive overview of the plugin's security posture over time. Readers can use this resource to track the frequency and severity of reported issues, understand common vulnerability classes such as cross-site scripting or insecure direct object references within the context of this event management tool, and examine the historical trend of patches and fixes applied by the developers. The information is intended for security professionals, site administrators, and developers who need to assess the risk profile of integrating Modern Events Calendar Lite into their WordPress environments. It serves as a neutral reference point for evaluating past incidents and informing future maintenance or replacement decisions. The data reflects known issues as reported to public databases and does not include unpublished or zero-day exploits. Users are encouraged to review individual entries for technical details and mitigation steps. This aggregation aims to enhance transparency regarding the security history of open-source WordPress plugins.

Vendor: Unknown

CVE IDTitleCVSSSeverityPublished
CVE-2021-4458 Modern Events Calendar Lite <= 6.3.0 - Unauthenticated SQL Injection CWE-89 5.9 Medium2025-07-12
CVE-2025-5733 Modern Events Calendar <= 7.21.9 - Information Exposure CWE-201 5.3 Medium2025-06-06
CVE-2023-4021 Modern Events Calendar lite < 7.1.0 - Authenticated (Admin+) Stored Cross-Site Scripting CWE-79 4.4 Medium2023-10-20
CVE-2023-1400 Modern Events Calendar lite < 6.5.2 - Admin+ Stored XSS 4.8 -2023-03-27
CVE-2022-30533 Modern Events Calendar Lite 跨站脚本漏洞 5.4 -2022-06-16
CVE-2022-0364 Modern Events Calendar Lite < 6.4.0 - Contributor+ Stored Cross Site Scripting CWE-79 5.4 -2022-03-21
CVE-2021-25046 Modern Events Calendar Lite < 6.2.0 - Subscriber+ Category Add Leading to Stored XSS CWE-79 5.4 -2022-01-17
CVE-2021-24946 Modern Events Calendar < 6.1.5 - Unauthenticated Blind SQL Injection CWE-89 9.8 -2021-12-13
CVE-2021-24925 Modern Events Calendar Lite < 6.1.5 - Reflected Cross-Site Scripting CWE-79 6.1 -2021-12-13
CVE-2021-24716 Modern Events Calendar Lite < 5.22.3 - Authenticated Stored Cross Site Scripting CWE-79 5.4 -2021-11-01
CVE-2021-24687 Modern Events Calendar Lite < 5.22.2 - Admin+ Stored Cross-Site Scripting CWE-79 4.8 -2021-10-04
CVE-2021-24145 Modern Events Calendar Lite < 5.16.5 - Authenticated Arbitrary File Upload leading to RCE CWE-434 7.2 -2021-03-18
CVE-2021-24146 Modern Events Calendar Lite < 5.16.5 - Unauthenticated Events Export CWE-284--2021-03-18
CVE-2021-24147 Modern Events Calendar Lite < 5.16.5 - Authenticated Stored Cross-Site Scripting (XSS) CWE-79 5.4 -2021-03-18
CVE-2021-24149 Modern Events Calendar Lite < 5.16.6 - Authenticated SQL Injection CWE-89 8.8 -2021-03-18

All 15 known CVE vulnerabilities affecting Modern Events Calendar Lite with full Chinese analysis, references, and POCs where available.