Events Calendar

Vulnerabilities 6Slug events-calendar

Minimum safe version

6.7.12a

Update to 6.7.12a or later to address 5 fixable vulnerabilities

⚠ 1 vulnerability has no fix
Medium 4.8 Unfixed
2025-05-19≤ 1.0.4

WordPress Event Calendar Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

PatchstackEUVDWordfenceCVE
N/A
2023-11-22< 6.2.8.1

WordPress Event Single Page Templates Addon For The Events Calendar Plugin < 6.2.8.1 is vulnerable to Sensitive Data Exposure

Patchstack
N/A Closed
< 6.7.12a

Events Calendar - wp-admin/admin.php EC_id Parameter XSS

WPScan
N/A Closed
< 6.7.10

Events Calendar - SQL Injection

WPScan
N/A
2010-01-02< 1.4

WordPress Events Plugin - SQL Injection Vulnerability

Patchstack
Critical 9.8 Closed
2018-01-12< 6.7.10

CVE-2018-5315

CVE