Edit/Delete event via IDOR vulnerability discovered in WordPress Spiffy Calendar plugin (versions <= 4.9.0) by Ex.Mi (Patchstack).
Update the WordPress Spiffy Calendar plugin to the latest available version (at least 4.9.1).
CPE | Name | Operator | Version |
---|---|---|---|
spiffy calendar | le | 4.9.0 |