CVE-2024-31433 — Cross-Site Request Forgery in THE Events Calendar

CWE-352 — Cross-Site Request Forgery3 documents3 sources

Severity

—N/A

No vector

EPSS

0.1%

top 66.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Stellarwp THE Events Calendar

Timeline

PublishedApr 15

Description

Cross-Site Request Forgery (CSRF) vulnerability in StellarWP The Events Calendar the-events-calendar.This issue affects The Events Calendar: from n/a through <= 6.3.0.

Affected Packages1 packages

▶CVEListV5stellarwp/the_events_calendar6.3.0

🔴Vulnerability Details

CVEList

WordPress The Events Calendar plugin <= 6.3.0 - Cross Site Request Forgery (CSRF) vulnerability↗2024-04-15

▶

GHSA

GHSA-f6qx-4w44-966h: Cross-Site Request Forgery (CSRF) vulnerability in The Events Calendar↗2024-04-15

▶