A popular plugin for WordPress called “The Events Calendar” has a security issue in all versions up to 6.7.0. This means that hackers can potentially trick the website’s administrator into performing an action, like clicking on a link, without being authenticated. It is not clear what the consequences of this vulnerability could be.