3 matches found
PT-2025-46297
Name of the Vulnerable Software and Affected Versions WordPress Holiday Class Post Calendar plugin versions up to and including 7.1 Description The Holiday Class Post Calendar plugin for WordPress is susceptible to Remote Code Execution via the contents parameter. This occurs because the plugin...
WordPress The Holiday Calendar plugin <= 1.18.2.1 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin The Holiday Calendar versions = 1.18.2.1...
WordPress The Holiday Calendar Plugin <= 1.11.2 - Cross Site Scripting (XSS)
Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...