2 matches found
PT-2025-33460 · WordPress · Bizcalendar Web
Name of the Vulnerable Software and Affected Versions: BizCalendar Web plugin for WordPress versions prior to 1.1.0.51 Description: The BizCalendar Web plugin for WordPress is vulnerable to Local File Inclusion via the bizcalv shortcode. Authenticated attackers with Contributor-level access and...
CVE-2025-30843 WordPress bizcalendar-web plugin <= 1.1.0.34 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in setriosoft bizcalendar-web bizcalendar-web allows SQL Injection.This issue affects bizcalendar-web: from n/a through = 1.1.0.34...