Vulnerabilities > Offshorewebmaster > Availability Calendar > 1.2.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-30 | CVE-2023-48744 | Unspecified vulnerability in Offshorewebmaster Availability Calendar Cross-Site Request Forgery (CSRF) vulnerability in Offshore Web Master Availability Calendar allows Cross Site Request Forgery.This issue affects Availability Calendar: from n/a through 1.2.6. | 8.8 |
| 2021-09-20 | CVE-2021-24604 | Unspecified vulnerability in Offshorewebmaster Availability Calendar The Availability Calendar WordPress plugin before 1.2.2 does not sanitise or escape its Category Names before outputting them in page/post where the associated shortcode is embed, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed | 4.8 |