Vulnerabilities > Spiffyplugins > Spiffy Calendar > 4.9.11

DATE CVE VULNERABILITY TITLE RISK
2024-09-15 CVE-2024-45457 Cross-site Scripting vulnerability in Spiffyplugins Spiffy Calendar
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Spiffy Plugins Spiffy Calendar allows Stored XSS.This issue affects Spiffy Calendar: from n/a through 4.9.13.
network
low complexity
spiffyplugins CWE-79
5.4
5.4
2024-09-15 CVE-2024-45458 Cross-site Scripting vulnerability in Spiffyplugins Spiffy Calendar
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Spiffy Plugins Spiffy Calendar allows Reflected XSS.This issue affects Spiffy Calendar: from n/a through 4.9.13.
network
low complexity
spiffyplugins CWE-79
6.1
6.1
2024-07-22 CVE-2024-38692 Unspecified vulnerability in Spiffyplugins Spiffy Calendar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spiffy Plugins Spiffy Calendar allows SQL Injection.This issue affects Spiffy Calendar: from n/a through 4.9.11.
network
low complexity
spiffyplugins
7.2
7.2