17 matches found
CVE-2025-68979
Authorization Bypass Through User-Controlled Key vulnerability in SimpleCalendar Google Calendar Events google-calendar-events allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google Calendar Events: from n/a through = 3.5.9...
EUVD-2025-205756
Authorization Bypass Through User-Controlled Key vulnerability in SimpleCalendar Google Calendar Events google-calendar-events allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google Calendar Events: from n/a through = 3.5.9...
CVE-2025-68979
Authorization Bypass Through User-Controlled Key vulnerability in SimpleCalendar Google Calendar Events google-calendar-events allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google Calendar Events: from n/a through = 3.5.9...
CVE-2025-68979 WordPress Google Calendar Events plugin <= 3.5.9 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in SimpleCalendar Google Calendar Events google-calendar-events allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google Calendar Events: from n/a through = 3.5.9...
CVE-2025-68979
CVE-2025-68979 relates to the Simple Calendar – Google Calendar Plugin (WordPress). The vulnerability is described as an authorization bypass via a user-controlled key that could enable access to Google Calendar events through an unauthenticated path. Wordfence’s vulnerability digest lists CVE-20...
CVE-2025-68979 WordPress Google Calendar Events plugin <= 3.5.9 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in SimpleCalendar Google Calendar Events google-calendar-events allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google Calendar Events: from n/a through = 3.5.9...
WordPress plugin Google Calendar Events 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-53869
Name of the Vulnerable Software and Affected Versions SimpleCalendar versions through 3.5.9 Description An authorization bypass exists due to user-controlled key vulnerability in Google Calendar Events. This allows exploitation of incorrectly configured access control security levels...
WordPress Google Calendar Events plugin <= 3.5.9 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by Doan Dinh Van in WordPress Plugin Google Calendar Events versions = 3.5.9...
EUVD-2014-7017
Malware in sbrugna...
Malicious code in react-google-calendar-events (npm)
The package react-google-calendar-events was found to contain malicious code...
WordPress Google Calendar Events plugin <= 3.4.2 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Google Calendar Events versions = 3.4.2...
WordPress Google Calendar Events Plugin <= 3.4.2 is vulnerable to Cross Site Scripting (XSS)
Software Google Calendar Events Type Plugin Vulnerable versions = 3.4.2 Fixed in 3.4.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8549 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9f01a635ec08 Credits vgo0 Requir...
WordPress Google Calendar Events Plugin <= 3.2.7 is vulnerable to Cross Site Scripting (XSS)
Software Google Calendar Events Type Plugin Vulnerable versions = 3.2.7 Fixed in 3.2.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-49151 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a5cf8b7589dc Credits Abdi Pranata Required privilege...
CVE-2023-46189 WordPress Google Calendar Events Plugin <= 3.2.5 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Simple Calendar – Google Calendar Plugin = 3.2.5 versions...
WordPress Google Calendar Events 2.0.1 Cross Site Scripting
Advisory ID: HTB23235 Product: Google Calendar Events WordPress plugin Vendor: Phil Derksen Vulnerable Versions: 2.0.1 and probably prior Tested Version: 2.0.1 Advisory Publication: September 17, 2014 without technical details Vendor Notification: September 17, 2014 Vendor Patch: October 7, 2014...
WordPress Google Calendar Events 2.0.1 Cross Site Scripting Vulnerability
WordPress Google Calendar Events plugin version 2.0.1 suffers from a cross site scripting vulnerability. Product: Google Calendar Events WordPress plugin Vendor: Phil Derksen Vulnerable Versions: 2.0.1 and probably prior Tested Version: 2.0.1 Advisory Publication: September 17, 2014 without...