4 matches found
CVE-2026-32361 WordPress Editorial Calendar plugin <= 3.9.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Marketing Fire Editorial Calendar editorial-calendar allows DOM-Based XSS.This issue affects Editorial Calendar: from n/a through = 3.9.0...
CVE-2026-32361
CVE-2026-32361 affects the WordPress Editorial Calendar plugin (editorial-calendar) up to version 3.9.0. The root cause is improper neutralization of input during web page generation, leading to DOM-based Cross-Site Scripting (XSS). Impact is DOM-based XSS for affected pages; public exploitation ...
WordPress Editorial Calendar Plugin <= 3.7.12 is vulnerable to Insecure Direct Object References (IDOR)
Software Editorial Calendar Type Plugin Vulnerable versions = 3.7.12 Fixed in 3.8.0 OWASP Top 10 A5: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-36520 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 5cbcd0860491 Credits Elliot...
WordPress Editorial Calendar Plugin <= 3.8.0 is vulnerable to Cross Site Scripting (XSS)
Software Editorial Calendar Type Plugin Vulnerable versions = 3.8.0 Fixed in 3.8.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4115 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID ecc03a6dec25 Credits iohex Required...