Vulnerabilities > Sunnythemes

DATE CVE VULNERABILITY TITLE RISK
2017-06-05 CVE-2017-9420 Cross-site Scripting vulnerability in Sunnythemes Spiffy Calendar
Cross site scripting (XSS) vulnerability in the Spiffy Calendar plugin before 3.3.0 for WordPress allows remote attackers to inject arbitrary JavaScript via the yr parameter.
4.3