Lucene search
WpvulndbWPVDB-ID:015A9DB0-9C91-4E69-BC4C-909C3CF6C7F6HistoryJan 04, 2023 - 12:00 a.m.
My Calendar < 3.3.25 - Event/Location Deletion via CSRF
2023-01-0400:00:00
wpscan.com
1
calendar plugin
csrf attack
event deletion
location deletion
admin vulnerability
0.001 Low
EPSS
Percentile
27.7%
The plugin does not have CSRF checks when deleting events and locations, which could allow attackers to make logged in admins perform such actions via CSRF attacks
| CPE | Name | Operator | Version |
|---|---|---|---|
| my-calendar | lt | 3.3.25 |
Related
nvd
nvd
CVE-2022-47427
2023-03-15 11:15:09
prion
prion
Cross site request forgery (csrf)
2023-03-15 11:15:00
cve
cve
CVE-2022-47427
2023-03-15 11:15:09
cvelist
cvelist