wp calendar project wp calendar vulnerabilities and exploits

(subscribe to this query)

NA

Stored Cross-Site Scripting (XSS) vulnerability in Fabian von Allmen WP Calendar plugin <= 1.5.3 versions.

Wp Calendar Project Wp Calendar

7.5

CVSSv2

The Wachipi WP Events Calendar plugin 1.0 for WordPress has SQL Injection via the event_id parameter to event.php.

Wp Events Calendar Project Wp Events Calendar 1.0

1 EDB exploit

6.8

CVSSv2

An issue exists in the booking-calendar plugin 2.1.7 for WordPress. CSRF exists via wp-admin/admin.php.

Booking Calendar Project Booking Calendar 2.1.7

3.5

CVSSv2

An issue exists in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php sale_conditions[count][] parameter.

Booking Calendar Project Booking Calendar 2.1.7

3.5

CVSSv2

An issue exists in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php form_field5[label] parameter.

Booking Calendar Project Booking Calendar 2.1.7

3.5

CVSSv2

An issue exists in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php extra_field1[items][field_item1][price_percent] parameter.

Booking Calendar Project Booking Calendar 2.1.7

4.3

CVSSv2

Cross-site scripting (XSS) vulnerability in the Google Calendar Events plugin prior to 2.0.4 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the gce_feed_ids parameter in a gce_ajax action to wp-admin/admin-ajax.php.

Google Calendar Events Project Google Calendar Events

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook