Description
Unauthenticated Cross-Site Scripting (XSS) vulnerability found by Andreas Hell in WordPress My Calendar plugin (versions <= 3.1.9).
## Solution
Update the WordPress My Calendar plugin to the latest available version (at least 3.1.10).
Affected Software
{"id": "PATCHSTACK:A26C08C27D84B53C4FE5CA4AA2098D5E", "vendorId": null, "type": "patchstack", "bulletinFamily": "software", "title": "WordPress My Calendar plugin <= 3.1.9 - Unauthenticated Cross-Site Scripting (XSS) vulnerability", "description": "Unauthenticated Cross-Site Scripting (XSS) vulnerability found by Andreas Hell in WordPress My Calendar plugin (versions <= 3.1.9).\n\n## Solution\n\n\r\n Update the WordPress My Calendar plugin to the latest available version (at least 3.1.10).\r\n ", "published": "2019-05-06T00:00:00", "modified": "2019-05-06T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://patchstack.com/database/vulnerability/my-calendar/wordpress-my-calendar-plugin-3-1-9-unauthenticated-cross-site-scripting-xss-vulnerability", "reporter": "Andreas Hell", "references": ["https://wordpress.org/plugins/my-calendar/#developers"], "cvelist": [], "immutableFields": [], "lastseen": "2022-06-01T19:37:11", "viewCount": 1, "enchantments": {"score": {"value": 1.2, "vector": "NONE"}, "affected_software": {"major_version": [{"name": "my calendar", "version": 3}]}, "vulnersScore": 1.2}, "_state": {"score": 1659860190, "dependencies": 1660016401, "affected_software_major_version": 1666695388}, "_internal": {"score_hash": "43f625811d1258d77beb6d9a6ddd4812"}, "affectedSoftware": [{"version": "3.1.9", "operator": "le", "name": "my calendar"}], "vendor_cvss": {"score": "3.1", "severity": "Unknown severity"}, "owasp": "A3: Cross Site Scripting (XSS)", "classification": "Cross Site Scripting (XSS)"}
{}
WordPress My Calendar plugin <= 3.1.9 - Unauthenticated Cross-Site Scripting (XSS) vulnerability