RSS   Podatności dla 'My calendar'   RSS

2021-11-29
 
CVE-2021-24927

CWE-79
 

 
The My Calendar WordPress plugin before 3.2.18 does not sanitise and escape the callback parameter of the mc_post_lookup AJAX action (available to any authenticated user) before outputting it back in the response, leading to a Reflected Cross-Site Scripting issue

 
2019-08-28
 
CVE-2019-15713

CWE-79
 

 
The my-calendar plugin before 3.1.10 for WordPress has XSS.

 


Copyright 2024, cxsecurity.com

 

Back to Top