CVE-2024-6522

🗓️ 07 Aug 2024 11:00:06Reported by WordfenceType

The Modern Events Calendar plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to 7.12.1

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2024-6522	7 Aug 202413:37	–	circl
CNNVD	WordPress plugin Modern Events Calendar 安全漏洞	7 Aug 202400:00	–	cnnvd
Cvelist	CVE-2024-6522 Modern Events Calendar <= 7.12.1 - Authenticated (Subscriber+) Server Side Request Forgery	7 Aug 202411:00	–	cvelist
EUVD	EUVD-2024-47603	3 Oct 202520:07	–	euvd
NVD	CVE-2024-6522	7 Aug 202411:15	–	nvd
Patchstack	WordPress Modern Events Calendar Plugin <= 7.12.1 is vulnerable to Server Side Request Forgery (SSRF)	7 Aug 202400:00	–	patchstack
Patchstack	WordPress Modern Events Calendar plugin <= 7.12.1 - Authenticated (Subscriber+) Server Side Request Forgery vulnerability	7 Aug 202402:36	–	patchstack
Patchstack	WordPress Modern Events Calendar Lite Plugin <= 7.12.1 is vulnerable to Server Side Request Forgery (SSRF)	7 Aug 202400:00	–	patchstack
Patchstack	WordPress Modern Events Calendar Lite plugin <= 7.12.1 - Authenticated (Subscriber+) Server Side Request Forgery vulnerability	7 Aug 202402:35	–	patchstack
RedhatCVE	CVE-2024-6522	5 Feb 202503:10	–	redhatcve

NVD

Vulners

Node

webnus modern_events_calendarRange<7.13.0wordpress

webnus modern_events_calendar_liteRange<7.13.0wordpress

[
  {
    "vendor": "Webnus",
    "product": "Modern Events Calendar",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "7.12.1",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "webnus/",
    "product": "Modern Events Calendar Lite",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "7.12.1",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
plugins	www.plugins.trac.wordpress.org/browser/modern-events-calendar-lite/trunk/app/features/fes.php
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/00bf8f2f-6ab4-4430-800b-5b97abe7589e
wordpress	www.wordpress.org/plugins/modern-events-calendar-lite/
mec	www.mec.webnus.net/change-log/

08 Apr 2026 16:32Current

8.2High risk

Vulners AI Score8.2

CVSS 3.18.5 - 9.6

EPSS0.0074

SSVC

CWE-918