Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/03/13 11:42 a.m.26 views

CVE-2026-32361 WordPress Editorial Calendar plugin <= 3.9.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Marketing Fire Editorial Calendar editorial-calendar allows DOM-Based XSS.This issue affects Editorial Calendar: from n/a through = 3.9.0...

6.5CVSS0.00161EPSS
Exploits0References1
CVE
CVE
added 2026/03/13 11:42 a.m.9 views

CVE-2026-32361

CVE-2026-32361 affects the WordPress Editorial Calendar plugin (editorial-calendar) up to version 3.9.0. The root cause is improper neutralization of input during web page generation, leading to DOM-based Cross-Site Scripting (XSS). Impact is DOM-based XSS for affected pages; public exploitation ...

6.5CVSS5.8AI score0.00161EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/06/27 12:0 a.m.13 views

WordPress Editorial Calendar Plugin <= 3.7.12 is vulnerable to Insecure Direct Object References (IDOR)

Software Editorial Calendar Type Plugin Vulnerable versions = 3.7.12 Fixed in 3.8.0 OWASP Top 10 A5: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-36520 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 5cbcd0860491 Credits Elliot...

8.1CVSS6.5AI score0.00364EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/06/27 12:0 a.m.14 views

WordPress Editorial Calendar Plugin <= 3.8.0 is vulnerable to Cross Site Scripting (XSS)

Software Editorial Calendar Type Plugin Vulnerable versions = 3.8.0 Fixed in 3.8.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4115 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID ecc03a6dec25 Credits iohex Required...

5.4CVSS5.7AI score0.00444EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder