4 matches found
CVE-2022-25599
Cross-Site Request Forgery CSRF vulnerability leading to event deletion was discovered in Spiffy Calendar WordPress plugin versions = 4.9.0...
CVE-2022-25599 WordPress Spiffy Calendar plugin <= 4.9.0 - Event deletion via Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability leading to event deletion was discovered in Spiffy Calendar WordPress plugin versions = 4.9.0...
CVE-2022-25599
CVE-2022-25599 describes a CSRF vulnerability in the WordPress plugin Spiffy Calendar (versions ≤ 4.9.0) that allows an attacker to trigger event deletion due to missing token validation on the delete request. Multiple sources document the issue and confirm the affected component as the plugin’s ...
CVE-2022-25599 WordPress Spiffy Calendar plugin <= 4.9.0 - Event deletion via Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability leading to event deletion was discovered in Spiffy Calendar WordPress plugin versions = 4.9.0...