Vulnerabilities > Theholidaycalendar
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-01 | CVE-2015-9270 | Cross-site Scripting vulnerability in Theholidaycalendar Holiday Calendar XSS exists in the the-holiday-calendar plugin before 1.11.3 for WordPress via the thc-month parameter. | 4.3 |