CVE-2026-11616 - Events Calendar for GeoDirectory <= 2.3.28 - Authenticated (Subscriber+) Privilege Escalation
CVE ID :CVE-2026-11616 Published : June 9, 2026, 9:16 a.m. | 1 hour, 59 minutes ago Description :The Events Calendar for GeoDirectory plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 2.3.28. This is due to the ajax_ayi_action() handler only applying...