Vulnerabilities > Spiffyplugins > Spiffy Calendar > 4.9.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-14 | CVE-2023-49745 | Cross-site Scripting vulnerability in Spiffyplugins Spiffy Calendar Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spiffy Plugins Spiffy Calendar allows Stored XSS.This issue affects Spiffy Calendar: from n/a through 4.9.5. | 5.4 |
2023-11-03 | CVE-2022-46859 | SQL Injection vulnerability in Spiffyplugins Spiffy Calendar Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spiffy Plugins Spiffy Calendar spiffy-calendar allows SQL Injection.This issue affects Spiffy Calendar: from n/a through 4.9.1. | 9.8 |
2023-08-18 | CVE-2023-32122 | Cross-site Scripting vulnerability in Spiffyplugins Spiffy Calendar Unauth. | 6.1 |