CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/01/09 9:27 a.m.•5 views

CVE-2023-45273

Cross-Site Request Forgery CSRF vulnerability in Matt McKenny Stout Google Calendar plugin = 1.2.3 versions...

8.8CVSS7.1AI score0.0016EPSS

NVD•added 2025/12/20 4:16 a.m.•1 views

CVE-2025-12898

The Pretty Google Calendar plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the pgcalajaxhandler function in all versions up to, and including, 2.0.0. This makes it possible for unauthenticated attackers to retrieve the Google API key set in t...

5.3CVSS0.00065EPSS

Exploits0References3

8.8CVSS8.6AI score0.0016EPSS

EUVD-2023-49579

Malicious code in bioql PyPI...

6.5CVSS5.8AI score0.00181EPSS

EUVD-2023-53156

Malicious code in bioql PyPI...

6.1CVSS6.5AI score0.01243EPSS

EUVD-2024-49256

Malicious code in bioql PyPI...

Exploits0References3

8.8CVSS9AI score0.00171EPSS

EUVD-2023-50432

Malicious code in bioql PyPI...

WPVulnDB•added 2023/12/20 12:0 a.m.•7 views

Simple Calendar < 3.2.5 - Cross-Site Request Forgery via duplicate_feed

Description The Simple Calendar – Google Calendar Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to 3.2.5 exclusive. This is due to missing or incorrect nonce validation on the duplicatefeed function. This makes it possible for unauthenticated attackers...

6.5AI score

OSV•added 2023/12/14 6:15 p.m.•2 views

CVE-2023-49151

5.4CVSS5.8AI score0.00181EPSS

Prion•added 2023/12/14 6:15 p.m.•19 views

Cross site scripting

4.9CVSS6.9AI score0.00181EPSS

CVE•added 2023/12/14 5:11 p.m.•42 views

CVE-2023-49151

Summary: CVE-2023-49151 affects the WordPress plugin Google Calendar Events (aka Simple Calendar – Google Calendar Plugin), with affected versions up to 3.2.6. The vulnerability is a stored XSS caused by improper neutralization of input during web page generation. The issue supports a network att...

6.5CVSS5.7AI score0.00181EPSS

NVD•added 2023/10/25 6:17 p.m.•16 views

CVE-2023-46189

Cross-Site Request Forgery CSRF vulnerability in Simple Calendar – Google Calendar Plugin = 3.2.5 versions...

8.8CVSS5.8AI score0.00171EPSS

Prion•added 2023/10/25 6:17 p.m.•23 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Simple Calendar – Google Calendar Plugin = 3.2.5 versions...

6.8CVSS8.8AI score0.00171EPSS

CVE•added 2023/10/24 10:20 a.m.•33 views

CVE-2023-46189

CVE-2023-46189 is a CSRF vulnerability in the WordPress plugin Simple Calendar – Google Calendar Plugin, affected versions up to 3.2.5. Technical details in Patchstack/NVD indicate unauthenticated CSRF exposure with low to medium severity (Patchstack lists CVSS 4.3; fixed in 3.2.6). The vulnerabi...

8.8CVSS6.4AI score0.00171EPSS

OSV•added 2023/10/16 9:15 a.m.•0 views

CVE-2023-45273

Cross-Site Request Forgery CSRF vulnerability in Matt McKenny Stout Google Calendar plugin = 1.2.3 versions...

8.8CVSS7.3AI score0.0016EPSS

Positive Technologies•added 2023/10/16 12:0 a.m.•2 views

PT-2023-29477 · Unknown · Matt Mckenny Stout Google Calendar Plugin

Name of the Vulnerable Software and Affected Versions: Matt McKenny Stout Google Calendar plugin versions = 1.2.3 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the use...

8.8CVSS8.4AI score0.0016EPSS

Exploits0References4

CNVD•added 2019/10/08 12:0 a.m.•1 views

Unspecified Vulnerability in CloudBees Jenkins Google Calendar Plugin

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Google Calendar Plugin is used in one of the...

6.5CVSS6.9AI score0.00047EPSS