CVE-2021-24146

Name of the Vulnerable Software and Affected Versions: Modern Events Calendar Lite WordPress plugin versions prior to 5.16.5

Description: The issue is related to a lack of authorization checks in the plugin, which did not properly restrict access to export files. This allowed unauthenticated users to export all events data in formats such as CSV or XML.

Recommendations: For versions prior to 5.16.5, update to version 5.16.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the export functionality until a patch is applied.