Vulnerabilities > Theholidaycalendar

DATE CVE VULNERABILITY TITLE RISK
2018-10-01 CVE-2015-9270 Cross-site Scripting vulnerability in Theholidaycalendar Holiday Calendar
XSS exists in the the-holiday-calendar plugin before 1.11.3 for WordPress via the thc-month parameter.
network
low complexity
theholidaycalendar CWE-79
6.1