Cross-Site Request Forgery (CSRF) vulnerability in George Sexton WordPress Events Calendar Plugin – connectDaily connect-daily-web-calendar allows Cross-Site Scripting (XSS).This issue affects WordPre
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in George Sexton WordPress Events Calendar Plugin – connectDaily connect-daily-web-calendar allows St
Cross-Site Request Forgery (CSRF) vulnerability in WP Corner Quick Event Calendar quick-event-calendar allows Cross Site Request Forgery.This issue affects Quick Event Calendar: from n/a through <= 1.
The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Event Calendar Link Widget through the html_tag attribute in all versions up to, and including, 6.9.0
The XO Event Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'xo_event_field' shortcode in all versions up to, and including, 3.2.10 due to insufficient inp
Cross-Site Request Forgery (CSRF) vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita meeting-scheduler-by-vcita allows Cross Site Request Forgery.This issue affects Onl
Cross-Site Request Forgery (CSRF) vulnerability in StellarWP The Events Calendar the-events-calendar allows Cross Site Request Forgery.This issue affects The Events Calendar: from n/a through <= 6.7.0
Cross-Site Request Forgery (CSRF) vulnerability in StellarWP The Events Calendar the-events-calendar allows Cross Site Request Forgery.This issue affects The Events Calendar: from n/a through <= 6.5.1
The Simple Calendar – Google Calendar Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all version
The Add infos to the events calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fuss' shortcode in all versions up to, and including, 1.4.1 due to insufficient
The Digital Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘column’ parameter in all versions up to, and including, 1.0.8 due to insufficient input sanitizat
The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-date-*’ parameters in all versions up to, and including, 6.13.2 due to insufficient input saniti
Cross-Site Request Forgery (CSRF) vulnerability in codepeople WP Time Slots Booking Form wp-time-slots-booking-form allows Cross Site Request Forgery.This issue affects WP Time Slots Booking Form: fro
Cross-Site Request Forgery (CSRF) vulnerability in MD Abu Jubayer Hossain Easy Booked – Appointment Booking and Scheduling Management System for WordPress easy-booked allows Cross Site Request Forgery
The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via RSVP name field in all versions up to, and including, 6.6.3 due to insufficient input sanitization and out
The The Events Calendar plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.15.2 via the REST endpoint. This makes it possible for unauthenticated attack
The Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'event_desc' parameter in all versions up to, and including, 1.3.16 due to insufficient input sanitization and ou
The Sugar Calendar – Simple Event Management plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘calendar_header’ parameter in all versions up to, and includin
The VR Calendar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.4.7. This is due to missing or incorrect nonce validation on the syncCalendar()
Page 1+ Next →