Matthew Fries Mf Gig Calendar vulnerabilities

3 known vulnerabilities affecting matthew_fries/mf_gig_calendar.

Total CVEs

3

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH2MEDIUM1

Vulnerabilities

Page 1 of 1

CVE-2024-33651HIGHCVSS 8.8≥ n/a, ≤ 1.2.12024-04-26

CVE-2024-33651 [HIGH] CWE-352 CVE-2024-33651: Cross-Site Request Forgery (CSRF) vulnerability in Matthew Fries MF Gig Calendar.This issue affects Cross-Site Request Forgery (CSRF) vulnerability in Matthew Fries MF Gig Calendar.This issue affects MF Gig Calendar : from n/a through 1.2.1.

CVE-2023-50842HIGHCVSS 8.8≥ n/a, ≤ 1.2.12023-12-28

CVE-2023-50842 [HIGH] CWE-89 CVE-2023-50842: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Matthew Fries MF Gig Calendar.This issue affects MF Gig Calendar: from n/a through 1.2.1.

CVE-2023-37970MEDIUMCVSS 5.4≥ n/a, ≤ 1.22023-07-27

CVE-2023-37970 [MEDIUM] CWE-79 CVE-2023-37970: Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Matthew Fries MF Gig Calenda Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Matthew Fries MF Gig Calendar plugin <= 1.2 versions.