Vulnerabilities > Xtendify > Simple Calendar
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-25 | CVE-2024-8549 | Cross-site Scripting vulnerability in Xtendify Simple Calendar The Simple Calendar – Google Calendar Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.4.2. | 6.1 |
| 2023-10-25 | CVE-2023-46189 | Unspecified vulnerability in Xtendify Simple Calendar Cross-Site Request Forgery (CSRF) vulnerability in Simple Calendar – Google Calendar Plugin <= 3.2.5 versions. | 8.8 |