Note:
This project will be discontinued after December 13, 2021. [more]
Product:
My_calendar
(My_calendar_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-11-29 | CVE-2021-24927 | The My Calendar WordPress plugin before 3.2.18 does not sanitise and escape the callback parameter of the mc_post_lookup AJAX action (available to any authenticated user) before outputting it back in the response, leading to a Reflected Cross-Site Scripting issue | My_calendar | 5.4 | ||
| 2023-03-15 | CVE-2022-47427 | Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <= 3.3.24.1 versions. | My_calendar | 8.8 | ||
| 2023-05-22 | CVE-2023-23813 | Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <= 3.4.3 versions. | My_calendar | 8.8 | ||
| 2019-08-28 | CVE-2019-15713 | The my-calendar plugin before 3.1.10 for WordPress has XSS. | My_calendar | 6.1 |