A critical SQL injection vulnerability has been discovered in The Events Calendar WordPress plugin (CVE-2024-8275), affecting all versions up to 6. 6. 4. The vulnerability has a CVSS score of 9. 8, indicating a high level of severity.