WordPress Calendar plugin <= 1.3.10 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
- Authenticated Stored Cross-Site Scripting (XSS) vulnerability found by boombyte in WordPress Calendar plugin (versions <= 1.3.10).
- WordPress Calendar plugin was closed on 2018 November 2 and is no longer available for download. Please deactivate and uninstall plugin as soon as possible.
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
- Name CVE-N/A
- Disclosure date