← Back

My Calendar

my_calendar

Vendor: My Calendar Project • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1My Calendar Project
1My Calendar
Jun 17, 2026
May 22, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <= 3.4.3 versions.
1My Calendar Project
1My Calendar
Jun 17, 2026
Mar 15, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <= 3.3.24.1 versions.
1My Calendar Project
1My Calendar
Jun 17, 2026
Nov 29, 2021
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
The My Calendar WordPress plugin before 3.2.18 does not sanitise and escape the callback parameter of the mc_post_lookup AJAX action (available to any authenticated user) before outputting it back in the response, leadin...Show more
The My Calendar WordPress plugin before 3.2.18 does not sanitise and escape the callback parameter of the mc_post_lookup AJAX action (available to any authenticated user) before outputting it back in the response, leading to a Reflected Cross-Site Scripting issueShow less
1My Calendar Project
1My Calendar
Jun 17, 2026
Aug 28, 2019
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
The my-calendar plugin before 3.1.10 for WordPress has XSS.