Total
9 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-38692 | 1 Spiffyplugins | 1 Spiffy Calendar | 2024-11-21 | N/A | 7.6 HIGH |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spiffy Plugins Spiffy Calendar allows SQL Injection.This issue affects Spiffy Calendar: from n/a through 4.9.11. | |||||
CVE-2024-30528 | 1 Spiffyplugins | 1 Spiffy Calendar | 2024-11-21 | N/A | 5.4 MEDIUM |
Missing Authorization vulnerability in Spiffy Plugins Spiffy Calendar.This issue affects Spiffy Calendar: from n/a through 4.9.10. | |||||
CVE-2023-49745 | 1 Spiffyplugins | 1 Spiffy Calendar | 2024-11-21 | N/A | 6.5 MEDIUM |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spiffy Plugins Spiffy Calendar allows Stored XSS.This issue affects Spiffy Calendar: from n/a through 4.9.5. | |||||
CVE-2023-32122 | 1 Spiffyplugins | 1 Spiffy Calendar | 2024-11-21 | N/A | 5.8 MEDIUM |
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Spiffy Plugins Spiffy Calendar plugin <= 4.9.3 versions. | |||||
CVE-2022-46859 | 1 Spiffyplugins | 1 Spiffy Calendar | 2024-11-21 | N/A | 9.8 CRITICAL |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spiffy Plugins Spiffy Calendar spiffy-calendar allows SQL Injection.This issue affects Spiffy Calendar: from n/a through 4.9.1. | |||||
CVE-2022-29434 | 1 Spiffyplugins | 1 Spiffy Calendar | 2024-11-21 | 4.0 MEDIUM | 6.3 MEDIUM |
Insecure Direct Object References (IDOR) vulnerability in Spiffy Plugins Spiffy Calendar <= 4.9.0 at WordPress allows an attacker to edit or delete events. | |||||
CVE-2022-25599 | 1 Spiffyplugins | 1 Spiffy Calendar | 2024-11-21 | 4.3 MEDIUM | 5.4 MEDIUM |
Cross-Site Request Forgery (CSRF) vulnerability leading to event deletion was discovered in Spiffy Calendar WordPress plugin (versions <= 4.9.0). | |||||
CVE-2024-45457 | 1 Spiffyplugins | 1 Spiffy Calendar | 2024-09-19 | N/A | 5.4 MEDIUM |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Spiffy Plugins Spiffy Calendar allows Stored XSS.This issue affects Spiffy Calendar: from n/a through 4.9.13. | |||||
CVE-2024-45458 | 1 Spiffyplugins | 1 Spiffy Calendar | 2024-09-19 | N/A | 6.1 MEDIUM |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Spiffy Plugins Spiffy Calendar allows Reflected XSS.This issue affects Spiffy Calendar: from n/a through 4.9.13. |