Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simple Calendar Simple Calendar – Google Calendar Plugin allows Stored XSS.This issue affects Simple Calendar – Google Calendar Plugin: from n/a through...
6.5CVSS
5.4AI Score
0.0004EPSS
Cross-Site Request Forgery (CSRF) vulnerability in Simple Calendar – Google Calendar Plugin <= 3.2.5...
8.8CVSS
8.8AI Score
0.001EPSS
The Simple Events Calendar WordPress plugin through 1.4.0 does not sanitise, validate or escape the event_id POST parameter before using it in a SQL statement when deleting events, leading to an authenticated SQL injection...
7.2CVSS
7.1AI Score
0.001EPSS