5.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
29.9%
Insecure Direct Object References (IDOR) vulnerability in Spiffy Plugins Spiffy Calendar <= 4.9.0 at WordPress allows an attacker to edit or delete events.
patchstack.com/database/vulnerability/spiffy-calendar/wordpress-spiffy-calendar-plugin-4-9-0-edit-delete-event-via-idor-vulnerability
wordpress.org/plugins/spiffy-calendar/