ThreatPress

WordPress Vulnerabilities Database

Back

WordPress My Calendar Plugin <= 2.3.29 - Multiple Vulnerabilities

Product
My Calendar
Description
This plugin is prone to a reflected XSS and arbitrary file override vulnerabilities. Because of them, attackers can override any existing file that is stored on the server or inject arbitrary JavaScript or HTML.
Solution
Update this plugin.
Classification
Type Multi
References
Software Talk
CVE
Name CVE-N/A
Versions
Affected In <= 2.3.29
Fixed In 2.3.30
Disclosure date
2015-05-15
Submitter
ThreatPress