CVE-2008-0490

The WP-Cal 0.3 WordPress plugin contains an SQL injection in functions/editevent.php, exploitable via the id parameter. This affects the plugin’s ability to process events and can lead to arbitrary SQL execution. Connected sources confirm the component and parameter, with remediation guidance to ...