CVEs (4)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <= 3.4.3 versions. |
Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <= 3.3.24.1 versions. |
1My Calendar Project 1My Calendar Jun 17, 2026 Nov 29, 2021 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 The My Calendar WordPress plugin before 3.2.18 does not sanitise and escape the callback parameter of the mc_post_lookup AJAX action (available to any authenticated user) before outputting it back in the response, leadin...Show more |
1My Calendar Project 1My Calendar Jun 17, 2026 Aug 28, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The my-calendar plugin before 3.1.10 for WordPress has XSS. |