Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Display Eventbrite Events widget: Access control security levels are not enforced
CVE-2026-39535
Summary
A security issue in Display Eventbrite Events widget-for-eventbrite-api means that access control settings are not being followed. This could allow unauthorized access to certain events. If you use this widget, you should check your access control settings and ensure they are properly configured to prevent this issue.
Original title
Missing Authorization vulnerability in fullworks Display Eventbrite Events widget-for-eventbrite-api allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Displ...
Original description
Missing Authorization vulnerability in fullworks Display Eventbrite Events widget-for-eventbrite-api allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Display Eventbrite Events: from n/a through <= 6.5.6.
Vulnerability type
CWE-862
Missing Authorization
Published: 8 Apr 2026 · Updated: 9 Apr 2026 · First seen: 8 Apr 2026