Vulnerabilities > Spiffyplugins

DATE	CVE	VULNERABILITY TITLE	RISK
2022-05-20	CVE-2022-29434	Authorization Bypass Through User-Controlled Key vulnerability in Spiffyplugins Spiffy Calendar Insecure Direct Object References (IDOR) vulnerability in Spiffy Plugins Spiffy Calendar <= 4.9.0 at WordPress allows an attacker to edit or delete events. network low complexity spiffyplugins CWE-639	5.4
2022-02-21	CVE-2022-25599	Cross-Site Request Forgery (CSRF) vulnerability in Spiffyplugins Spiffy Calendar Cross-Site Request Forgery (CSRF) vulnerability leading to event deletion was discovered in Spiffy Calendar WordPress plugin (versions <= 4.9.0). network low complexity spiffyplugins CWE-352	4.3

Vulnerabilities > Spiffyplugins {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Spiffyplugins"}]}