Lucene search
Simple Events Calendar Security Vulnerabilities
cve
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simple Calendar Simple Calendar – Google Calendar Plugin allows Stored XSS.This issue affects Simple Calendar – Google Calendar Plugin: from n/a through...
6.5CVSS
5.4AI Score
0.0004EPSS
2023-12-14 06:15 PM
11
cve
Cross-Site Request Forgery (CSRF) vulnerability in Simple Calendar – Google Calendar Plugin <= 3.2.5...
8.8CVSS
8.8AI Score
0.001EPSS
2023-10-25 06:17 PM
14
cve
The Simple Events Calendar WordPress plugin through 1.4.0 does not sanitise, validate or escape the event_id POST parameter before using it in a SQL statement when deleting events, leading to an authenticated SQL injection...
7.2CVSS
7.1AI Score
0.001EPSS
2021-08-23 12:15 PM
21