Vulnerabilities > Spiffyplugins

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-24	CVE-2024-49695	Cross-site Scripting vulnerability in Spiffyplugins WP Flow Plus Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Spiffy Plugins WP Flow Plus allows Stored XSS.This issue affects WP Flow Plus: from n/a through 5.2.3. network low complexity spiffyplugins CWE-79	5.4
2024-09-15	CVE-2024-45457	Cross-site Scripting vulnerability in Spiffyplugins Spiffy Calendar Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Spiffy Plugins Spiffy Calendar allows Stored XSS.This issue affects Spiffy Calendar: from n/a through 4.9.13. network low complexity spiffyplugins CWE-79	5.4
2024-09-15	CVE-2024-45458	Cross-site Scripting vulnerability in Spiffyplugins Spiffy Calendar Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Spiffy Plugins Spiffy Calendar allows Reflected XSS.This issue affects Spiffy Calendar: from n/a through 4.9.13. network low complexity spiffyplugins CWE-79	6.1
2024-07-22	CVE-2024-38692	SQL Injection vulnerability in Spiffyplugins Spiffy Calendar Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spiffy Plugins Spiffy Calendar allows SQL Injection.This issue affects Spiffy Calendar: from n/a through 4.9.11. network low complexity spiffyplugins CWE-89	7.2
2024-06-04	CVE-2024-30528	Missing Authorization vulnerability in Spiffyplugins Spiffy Calendar Missing Authorization vulnerability in Spiffy Plugins Spiffy Calendar.This issue affects Spiffy Calendar: from n/a through 4.9.10. network low complexity spiffyplugins CWE-862	6.3
2024-06-04	CVE-2024-35651	Cross-site Scripting vulnerability in Spiffyplugins WP Flow Plus Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Spiffy Plugins WP Flow Plus allows Stored XSS.This issue affects WP Flow Plus: from n/a through 5.2.2. network low complexity spiffyplugins CWE-79	5.4
2023-12-14	CVE-2023-49745	Cross-site Scripting vulnerability in Spiffyplugins Spiffy Calendar Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spiffy Plugins Spiffy Calendar allows Stored XSS.This issue affects Spiffy Calendar: from n/a through 4.9.5. network low complexity spiffyplugins CWE-79	5.4
2023-11-03	CVE-2022-46859	SQL Injection vulnerability in Spiffyplugins Spiffy Calendar Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spiffy Plugins Spiffy Calendar spiffy-calendar allows SQL Injection.This issue affects Spiffy Calendar: from n/a through 4.9.1. network low complexity spiffyplugins CWE-89 critical	9.8
2023-08-18	CVE-2023-32122	Cross-site Scripting vulnerability in Spiffyplugins Spiffy Calendar Unauth. network low complexity spiffyplugins CWE-79	6.1
2022-05-20	CVE-2022-29434	Authorization Bypass Through User-Controlled Key vulnerability in Spiffyplugins Spiffy Calendar Insecure Direct Object References (IDOR) vulnerability in Spiffy Plugins Spiffy Calendar <= 4.9.0 at WordPress allows an attacker to edit or delete events. network low complexity spiffyplugins CWE-639	5.4

Vulnerabilities > Spiffyplugins {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Spiffyplugins"}]}

Vulnerabilities > Spiffyplugins