Vulnerabilities > MY Calendar Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-22 | CVE-2023-23813 | Cross-Site Request Forgery (CSRF) vulnerability in MY Calendar Project MY Calendar Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <= 3.4.3 versions. | 8.8 |
| 2023-03-15 | CVE-2022-47427 | Cross-Site Request Forgery (CSRF) vulnerability in MY Calendar Project MY Calendar Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <= 3.3.24.1 versions. | 8.8 |
| 2021-11-29 | CVE-2021-24927 | Cross-site Scripting vulnerability in MY Calendar Project MY Calendar The My Calendar WordPress plugin before 3.2.18 does not sanitise and escape the callback parameter of the mc_post_lookup AJAX action (available to any authenticated user) before outputting it back in the response, leading to a Reflected Cross-Site Scripting issue | 3.5 |
| 2019-08-28 | CVE-2019-15713 | Cross-site Scripting vulnerability in MY Calendar Project MY Calendar The my-calendar plugin before 3.1.10 for WordPress has XSS. | 4.3 |