CVE-2014-4571
Summary of CVE-2014-4571 : The VN-Calendar WordPress plugin (vncal.js.php) version 1.0 and earlier is affected. The vulnerability is a Multiple Cross-Site Scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML by supplying input via the (1) fs or (2) w parameters...