Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

CNVD
CNVDadded 2025/10/24 12:0 a.m.2 views

WordPress Calendar Plus plugin cross-site scripting vulnerability

WordPress Calendar Plus plugin is a calendar plugin for WordPress to create and manage event calendars. WordPress Calendar Plus plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be...

7.1CVSS6.1AI score0.00075EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/10/23 3:13 p.m.3 views

CVE-2025-53350

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webjunk Calendar Plus calendar-plus allows Reflected XSS.This issue affects Calendar Plus: from n/a through = 1.2.4...

7.1CVSS6.4AI score0.00075EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/22 3:31 p.m.2 views

EUVD-2025-35466

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webjunk Calendar Plus calendar-plus allows Reflected XSS.This issue affects Calendar Plus: from n/a through = 1.2.4...

5.9AI score0.00075EPSS
Exploits0References2
NVD
NVDadded 2025/10/22 3:15 p.m.2 views

CVE-2025-53350

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webjunk Calendar Plus calendar-plus allows Reflected XSS.This issue affects Calendar Plus: from n/a through = 1.2.4...

7.1CVSS0.00075EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/10/22 2:32 p.m.2 views

CVE-2025-53350 WordPress Calendar Plus plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webjunk Calendar Plus calendar-plus allows Reflected XSS.This issue affects Calendar Plus: from n/a through = 1.2.4...

7.1CVSS6AI score0.00075EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/10/22 2:32 p.m.5 views

CVE-2025-53350 WordPress Calendar Plus plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webjunk Calendar Plus calendar-plus allows Reflected XSS.This issue affects Calendar Plus: from n/a through = 1.2.4...

7.1CVSS0.00075EPSS
Exploits0References1
CVE
CVEadded 2025/10/22 2:32 p.m.5 views

CVE-2025-53350

CVE-2025-53350 affects WordPress Calendar Plus plugin versions up to 1.2.4 and is a reflected XSS due to improper input handling in generated HTML. The CVE entry is corroborated by multiple sources (NVD, Red Hat, EUVD, CNVD, CVE list). Impact is indicated as HIGH (CVSS 3.1: AV:N/AC:L/PR:N/UI:R/S:...

7.1CVSS6AI score0.00075EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/10/22 12:0 a.m.2 views

WordPress plugin Calendar Plus 跨站脚本漏洞

WordPress Calendar Plus plugin is a calendar plugin for WordPress to create and manage event calendars. WordPress Calendar Plus plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be...

7.1CVSS6AI score0.00075EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/10/22 12:0 a.m.3 views

PT-2025-43256

Name of the Vulnerable Software and Affected Versions webjunk Calendar Plus versions through 1.2.4 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Reflected Cross-site Scripting XSS condition. This allows an...

7.1CVSS6.2AI score0.00075EPSS
Exploits0References4
Patchstack
Patchstackadded 2025/09/12 4:7 p.m.5 views

WordPress Calendar Plus plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Calendar Plus versions = 1.2.4...

7.1CVSS6.1AI score0.00075EPSS
Exploits0Affected Software1
Rows per page
Query Builder