Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
calendar vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-34812
Use of hard-coded credentials vulnerability in php component in Synology Calendar prior to 2.4.0-0761 allows remote malicious users to obtain sensitive information via unspecified vectors.
Synology Calendar
2.1
CVSSv2
CVE-2022-33705
Information exposure in Calendar prior to version 12.3.05.10000 allows malicious user to access calendar schedule without READ_CALENDAR permission.
Samsung Calendar
NA
CVE-2023-32122
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Spiffy Plugins Spiffy Calendar plugin <= 4.9.3 versions.
Spiffyplugins Spiffy Calendar
4.3
CVSSv2
CVE-2017-18555
The booking-sms plugin prior to 1.1.0 for WordPress has XSS.
Mediaburst Booking Calendar
4.3
CVSSv2
CVE-2022-25599
Cross-Site Request Forgery (CSRF) vulnerability leading to event deletion exists in Spiffy Calendar WordPress plugin (versions <= 4.9.0).
Spiffyplugins Spiffy Calendar
2.1
CVSSv2
CVE-2022-31059
Discourse Calendar is a calendar plugin for Discourse, an open-source messaging app. Prior to version 1.0.1, parsing and rendering of Event names can be susceptible to cross-site scripting (XSS) attacks. This vulnerability only affects sites which have modified or disabled Discou...
Discourse Discourse Calendar
NA
CVE-2022-41913
Discourse-calendar is a plugin for the Discourse messaging platform which adds the ability to create a dynamic calendar in the first post of a topic. Members of private groups or public groups with private members can be listed by users, who can create and edit post events. This ...
Discourse Calendar 0.2
NA
CVE-2023-24388
Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin <= 3.2.3 versions affects plugin forms actions (create, duplicate, edit, delete).
Wpdevart Booking Calendar
4
CVSSv2
CVE-2022-29434
Insecure Direct Object References (IDOR) vulnerability in Spiffy Plugins Spiffy Calendar <= 4.9.0 at WordPress allows an malicious user to edit or delete events.
Spiffyplugins Spiffy Calendar
3.5
CVSSv2
CVE-2021-24604
The Availability Calendar WordPress plugin prior to 1.2.2 does not sanitise or escape its Category Names before outputting them in page/post where the associated shortcode is embed, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_htm...
Offshorewebmaster Availability Calendar
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »