Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

My Calendar Security Vulnerabilities

cve
cve

CVE-2012-6527

Cross-site scripting (XSS) vulnerability in the My Calendar plugin before 1.10.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

6AI Score

0.008EPSS

2013-01-31 05:44 AM
35
cve
cve

CVE-2023-6360

The 'My Calendar' WordPress Plugin, version < 3.4.22 is affected by an unauthenticated SQL injection vulnerability in the 'from' and 'to' parameters in the '/my-calendar/v1/events' rest route.

9.8CVSS

9.8AI Score

0.007EPSS

2023-11-30 04:15 PM
44
cve
cve

CVE-2024-1274

The My Calendar WordPress plugin before 3.4.24 does not sanitise and escape some parameters, which could allow users with a role as low as Subscriber to perform Cross-Site Scripting attacks (depending on the permissions set by the admin)

5.4CVSS

6AI Score

0.0004EPSS

2024-04-02 06:15 AM
56