6.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.7%
Cross site scripting (XSS) vulnerability in the Spiffy Calendar plugin before 3.3.0 for WordPress allows remote attackers to inject arbitrary JavaScript via the yr parameter.
spiffycalendar.sunnythemes.com/version-3-3-0/
www.securityfocus.com/bid/98931
wpvulndb.com/vulnerabilities/8842