Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor My Calendar Project Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-47427 1 My Calendar Project 1 My Calendar 2023-03-17 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <= 3.3.24.1 versions.
CVE-2021-24927 1 My Calendar Project 1 My Calendar 2021-11-29 3.5 LOW 5.4 MEDIUM
The My Calendar WordPress plugin before 3.2.18 does not sanitise and escape the callback parameter of the mc_post_lookup AJAX action (available to any authenticated user) before outputting it back in the response, leading to a Reflected Cross-Site Scripting issue
CVE-2019-15713 1 My Calendar Project 1 My Calendar 2019-08-29 4.3 MEDIUM 6.1 MEDIUM
The my-calendar plugin before 3.1.10 for WordPress has XSS.