WordPress VR Calendar <=2.3.2 - Remote Code Execution

WordPress VR Calendar plugin through 2.3.2 is susceptible to remote code execution. The plugin allows any user to execute arbitrary PHP functions on the site. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without...

[SECURITY] Fedora 44 Update: nextcloud-33.0.4-1.fc44

NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...

[SECURITY] Fedora 44 Update: nextcloud-32.0.6-1.fc44

NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...

CVE-2025-5936

The VR Calendar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.4.7. This is due to missing or incorrect nonce validation on the syncCalendar function. This makes it possible for unauthenticated attackers to trigger a calendar sync via a...

CVE-2025-5936 VR Calendar <= 2.4.7 - Cross-Site Request Forgery to Calendar Sync

The VR Calendar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.4.7. This is due to missing or incorrect nonce validation on the syncCalendar function. This makes it possible for unauthenticated attackers to trigger a calendar sync via a...

CVE-2025-5936 VR Calendar <= 2.4.7 - Cross-Site Request Forgery to Calendar Sync

The VR Calendar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.4.7. This is due to missing or incorrect nonce validation on the syncCalendar function. This makes it possible for unauthenticated attackers to trigger a calendar sync via a...

CVE-2025-5936

CVE-2025-5936 documents a Cross-Site Forgery vulnerability in the WordPress VR Calendar plugin. Affected versions are all up to and including 2.4.7, where missing or incorrect nonce validation in the syncCalendar() function allows unauthenticated attackers to trigger a calendar sync via a forged ...

[SECURITY] Fedora 41 Update: nextcloud-31.0.5-1.fc41

NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...

[SECURITY] Fedora 40 Update: nextcloud-31.0.2-2.fc40

NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...

[SECURITY] Fedora 41 Update: nextcloud-29.0.6-1.fc41

NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...

OPENSUSE-SU-2021:1091-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 78.12 fixed: Sending an email containing HTML links with spaces in the URL sometimes resulted in broken links fixed: Folder Pane display theme fixes for macOS fixed: Chat account settings did not always save as...

OPENSUSE-SU-2021:2458-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 78.12 fixed: Sending an email containing HTML links with spaces in the URL sometimes resulted in broken links fixed: Folder Pane display theme fixes for macOS fixed: Chat account settings did not always save as...

SUSE-SU-2021:2458-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 78.12 fixed: Sending an email containing HTML links with spaces in the URL sometimes resulted in broken links fixed: Folder Pane display theme fixes for macOS fixed: Chat account settings did not always save as...

[SECURITY] Fedora 33 Update: nextcloud-19.0.13-1.fc33

NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...

[SECURITY] Fedora 32 Update: nextcloud-18.0.9-1.fc32

NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing r ight on the web. NextCloud is extendable via a simple but powerful API...

The vulnerability of the fly-admin-date component in the FLY operating system environment of Astra Linux, due to insufficient input data validation, allows a hacker to trigger a service failure.

The vulnerability of the fly-admin-date component in the FLY environment of the Astra Linux operating system is related to a calendar synchronization error due to ntp. Exploiting this vulnerability allows a remote attacker to cause service failures...

Easy!Appointments v1.2.1 Multiple Stored XSS Vulnerabilities

Summary Easy!Appointments is a highly customizable web application that allows your customers to book appointments with you via the web. Moreover, it provides the ability to sync your data with Google Calendar so you can use them with other services. It is an open source project and you can...

FAQ: Limitation on calendar sync with Secure Mail?

Question: Do we have any limitation on calendar sync with Secure Mail? Answer: Secure Mail only syncs 6 months before and 12 months ahead events.It applies to both iOS and Android...

[SECURITY] Fedora 22 Update: owncloud-8.0.10-1.fc22

ownCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing r ight on the web. ownCloud is extendable via a simple but powerful API f...

[SECURITY] Fedora 21 Update: owncloud-7.0.5-2.fc21

ownCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing r ight on the web. ownCloud is extendable via a simple but powerful API f...