Lucene search
K

17 matches found

RedhatCVE
RedhatCVE
added 2025/12/31 11:5 a.m.4 views

CVE-2025-68979

Authorization Bypass Through User-Controlled Key vulnerability in SimpleCalendar Google Calendar Events google-calendar-events allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google Calendar Events: from n/a through = 3.5.9...

5.3CVSS7AI score0.00247EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/30 12:30 p.m.2 views

EUVD-2025-205756

Authorization Bypass Through User-Controlled Key vulnerability in SimpleCalendar Google Calendar Events google-calendar-events allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google Calendar Events: from n/a through = 3.5.9...

8.1CVSS6.5AI score0.00247EPSS
Exploits0References2
NVD
NVD
added 2025/12/30 11:15 a.m.4 views

CVE-2025-68979

Authorization Bypass Through User-Controlled Key vulnerability in SimpleCalendar Google Calendar Events google-calendar-events allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google Calendar Events: from n/a through = 3.5.9...

5.3CVSS0.00247EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/30 10:47 a.m.25 views

CVE-2025-68979 WordPress Google Calendar Events plugin <= 3.5.9 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in SimpleCalendar Google Calendar Events google-calendar-events allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google Calendar Events: from n/a through = 3.5.9...

5.3CVSS0.00247EPSS
Exploits0References1
CVE
CVE
added 2025/12/30 10:47 a.m.8 views

CVE-2025-68979

CVE-2025-68979 relates to the Simple Calendar – Google Calendar Plugin (WordPress). The vulnerability is described as an authorization bypass via a user-controlled key that could enable access to Google Calendar events through an unauthenticated path. Wordfence’s vulnerability digest lists CVE-20...

5.3CVSS6.6AI score0.00247EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/30 10:47 a.m.4 views

CVE-2025-68979 WordPress Google Calendar Events plugin <= 3.5.9 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in SimpleCalendar Google Calendar Events google-calendar-events allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google Calendar Events: from n/a through = 3.5.9...

5.3CVSS6.6AI score0.00247EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.4 views

WordPress plugin Google Calendar Events 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.3CVSS5.8AI score0.00247EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.4 views

PT-2025-53869

Name of the Vulnerable Software and Affected Versions SimpleCalendar versions through 3.5.9 Description An authorization bypass exists due to user-controlled key vulnerability in Google Calendar Events. This allows exploitation of incorrectly configured access control security levels...

8.1CVSS6.5AI score0.00247EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/12/18 8:10 a.m.7 views

WordPress Google Calendar Events plugin <= 3.5.9 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Doan Dinh Van in WordPress Plugin Google Calendar Events versions = 3.5.9...

8.1CVSS7AI score0.00247EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2014-7017

Malware in sbrugna...

4.3CVSS6.1AI score0.02388EPSS
Exploits3References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in react-google-calendar-events (npm)

The package react-google-calendar-events was found to contain malicious code...

7AI score
Exploits0
Patchstack
Patchstack
added 2024/09/24 1:5 p.m.3 views

WordPress Google Calendar Events plugin <= 3.4.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Google Calendar Events versions = 3.4.2...

6.1CVSS6.3AI score0.00463EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/09/24 12:0 a.m.92 views

WordPress Google Calendar Events Plugin <= 3.4.2 is vulnerable to Cross Site Scripting (XSS)

Software Google Calendar Events Type Plugin Vulnerable versions = 3.4.2 Fixed in 3.4.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8549 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9f01a635ec08 Credits vgo0 Requir...

6.1CVSS5.7AI score0.00463EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/11/28 12:0 a.m.11 views

WordPress Google Calendar Events Plugin <= 3.2.7 is vulnerable to Cross Site Scripting (XSS)

Software Google Calendar Events Type Plugin Vulnerable versions = 3.2.7 Fixed in 3.2.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-49151 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a5cf8b7589dc Credits Abdi Pranata Required privilege...

6.5CVSS6.6AI score0.00401EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/24 10:20 a.m.15 views

CVE-2023-46189 WordPress Google Calendar Events Plugin <= 3.2.5 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Simple Calendar – Google Calendar Plugin = 3.2.5 versions...

4.3CVSS7AI score0.00277EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2014/10/10 12:0 a.m.58 views

WordPress Google Calendar Events 2.0.1 Cross Site Scripting

Advisory ID: HTB23235 Product: Google Calendar Events WordPress plugin Vendor: Phil Derksen Vulnerable Versions: 2.0.1 and probably prior Tested Version: 2.0.1 Advisory Publication: September 17, 2014 without technical details Vendor Notification: September 17, 2014 Vendor Patch: October 7, 2014...

4.3CVSS0.1AI score0.02388EPSS
Exploits3
0day.today
0day.today
added 2014/10/10 12:0 a.m.69 views

WordPress Google Calendar Events 2.0.1 Cross Site Scripting Vulnerability

WordPress Google Calendar Events plugin version 2.0.1 suffers from a cross site scripting vulnerability. Product: Google Calendar Events WordPress plugin Vendor: Phil Derksen Vulnerable Versions: 2.0.1 and probably prior Tested Version: 2.0.1 Advisory Publication: September 17, 2014 without...

4.3CVSS5.9AI score0.02388EPSS
Exploits3
Rows per page
Query Builder