CVE-2026-22351

Name of the Vulnerable Software and Affected Versions WP FullCalendar versions through 1.6

Description The WP FullCalendar software contains a missing authorization flaw. This allows exploitation of incorrectly configured access control security levels. No information is available regarding the number of potentially affected devices or any real-world incidents where this issue was exploited.

Recommendations Update WP FullCalendar to a version later than 1.6.