My Calendar Project My Calendar vulnerabilities
4 known vulnerabilities affecting my_calendar_project/my_calendar.
Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2019-15713P3MEDIUMCVSS 6.1PoCfixed in 3.1.102019-08-28
CVE-2019-15713 [MEDIUM] CWE-79 CVE-2019-15713: The my-calendar plugin before 3.1.10 for WordPress has XSS.
The my-calendar plugin before 3.1.10 for WordPress has XSS.
nvd
CVE-2022-47427P4HIGHCVSS 8.8≤ 3.3.24.12023-03-15
CVE-2022-47427 [HIGH] CWE-352 CVE-2022-47427: Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <= 3.3.24.1 ve
Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <= 3.3.24.1 versions.
nvd
CVE-2023-23813P4HIGHCVSS 8.8≤ 3.4.32023-05-22
CVE-2023-23813 [HIGH] CWE-352 CVE-2023-23813: Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <= 3.4.3 versi
Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <= 3.4.3 versions.
nvd
CVE-2021-24927P4MEDIUMCVSS 5.4fixed in 3.2.182021-11-29
CVE-2021-24927 [MEDIUM] CWE-79 CVE-2021-24927: The My Calendar WordPress plugin before 3.2.18 does not sanitise and escape the callback parameter o
The My Calendar WordPress plugin before 3.2.18 does not sanitise and escape the callback parameter of the mc_post_lookup AJAX action (available to any authenticated user) before outputting it back in the response, leading to a Reflected Cross-Site Scripting issue
nvd