← Back

Calendar

calendar

Vendor: Kieranoshea • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-18872
1Kieranoshea
1Calendar
Nov 21, 2024
May 13, 2019
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
The Kieran O'Shea Calendar plugin before 1.3.11 for WordPress has Stored XSS via the event_title parameter in a wp-admin/admin.php?page=calendar add action, or the category name during category creation at the wp-admin/a...Show more
The Kieran O'Shea Calendar plugin before 1.3.11 for WordPress has Stored XSS via the event_title parameter in a wp-admin/admin.php?page=calendar add action, or the category name during category creation at the wp-admin/admin.php?page=calendar-categories URI.Show less
CVE-2013-2698
1Kieranoshea
1Calendar
May 6, 2026
May 27, 2014
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Cross-site request forgery (CSRF) vulnerability in the Calendar plugin before 1.3.3 for WordPress allows remote attackers to hijack the authentication of users for requests that add a calendar entry via unspecified vecto...Show more
Cross-site request forgery (CSRF) vulnerability in the Calendar plugin before 1.3.3 for WordPress allows remote attackers to hijack the authentication of users for requests that add a calendar entry via unspecified vectors.Show less