4 matches found
CVE-2025-22261
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Marcus aka @msykes WP FullCalendar wp-fullcalendar allows Stored XSS.This issue affects WP FullCalendar: from n/a through = 1.5...
CVE-2025-22261 WordPress WP FullCalendar plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Marcus aka @msykes WP FullCalendar wp-fullcalendar allows Stored XSS.This issue affects WP FullCalendar: from n/a through = 1.5...
CVE-2025-22261 WordPress WP FullCalendar plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pixelite WP FullCalendar wp-fullcalendar allows Stored XSS.This issue affects WP FullCalendar: from n/a through 1.5...
CVE-2025-22261
CVE-2025-22261 is a real Stored Cross-Site Scripting vulnerability in the WP FullCalendar plugin for WordPress (wp-fullcalendar) affecting versions up to and including 1.5. The root cause is improper neutralization of user input during web page generation, allowing injected scripts to be stored a...