Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wp calendar project wp calendar vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-45814
Stored Cross-Site Scripting (XSS) vulnerability in Fabian von Allmen WP Calendar plugin <= 1.5.3 versions.
Wp Calendar Project Wp Calendar
7.5
CVSSv2
CVE-2018-5315
The Wachipi WP Events Calendar plugin 1.0 for WordPress has SQL Injection via the event_id parameter to event.php.
Wp Events Calendar Project Wp Events Calendar 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2018-5673
An issue exists in the booking-calendar plugin 2.1.7 for WordPress. CSRF exists via wp-admin/admin.php.
Booking Calendar Project Booking Calendar 2.1.7
3.5
CVSSv2
CVE-2018-5670
An issue exists in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php sale_conditions[count][] parameter.
Booking Calendar Project Booking Calendar 2.1.7
3.5
CVSSv2
CVE-2018-5672
An issue exists in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php form_field5[label] parameter.
Booking Calendar Project Booking Calendar 2.1.7
3.5
CVSSv2
CVE-2018-5671
An issue exists in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php extra_field1[items][field_item1][price_percent] parameter.
Booking Calendar Project Booking Calendar 2.1.7
4.3
CVSSv2
CVE-2014-7138
Cross-site scripting (XSS) vulnerability in the Google Calendar Events plugin prior to 2.0.4 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the gce_feed_ids parameter in a gce_ajax action to wp-admin/admin-ajax.php.
Google Calendar Events Project Google Calendar Events
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started