High severity7.5NVD Advisory· Published Feb 20, 2026· Updated Apr 28, 2026
CVE-2026-22351
CVE-2026-22351
Description
Missing Authorization vulnerability in Marcus (aka @msykes) WP FullCalendar wp-fullcalendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP FullCalendar: from n/a through <= 1.6.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.