My Calendar – Accessible Event Manager

Medium 6.5

2024-03-15< 3.4.24

CVE-2024-25916

N/A

2024-02-11< 3.4.24

My Calendar <= 3.4.23 - Authenticated (Admin+) Stored Cross-Site Scripting via Events

N/A

2024-02-11< 3.4.24

My Calendar <= 3.4.23 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Critical 9.8

2023-11-30< 3.4.22

CVE-2023-6360

CVE Wordfence WPScan

N/A

< 2.3.29

My Calendar <= 2.3.28 - Cross-Site Scripting (XSS)

WPScan

N/A

< 2.3.30

My Calendar <= 2.3.29 - Arbitrary File Override & Reflected XSS

WPScan

N/A

< 2.5.17

My Calendar <= 2.5.16 - Authenticated Cross-Site Scripting (XSS)

WPScan

Medium 5.4

2023-05-22< 3.4.4

CVE-2023-23813

N/A

2023-01-20< 3.4.4

My Calendar <= 3.4.3 - Cross-Site Request Forgery

Medium 5.4

2023-03-15< 3.3.25

CVE-2022-47427

N/A

2023-01-03< 3.3.25

My Calendar <= 3.3.24.1 - Cross-Site Request Forgery

N/A

2015-04-20< 2.3.10

My Calendar < 2.3.10 - Reflected Cross-Site Scripting

N/A

2015-05-15< 2.3.30

My Calendar <= 2.3.29 - Path Traversal to Remote Code Execution

N/A

2015-05-15< 2.3.30

My Calendar < 2.3.30 - Reflected Cross-Site Scripting

N/A

2018-04-04< 2.5.17

My Calendar <= 2.5.16 - Authenticated Stored Cross-Site Scripting

N/A

2022-07-18< 3.3.17

My Calendar <= 3.3.16 - Administrator+ Stored Cross-Site Scripting

N/A

2022-08-02< 3.3.17

WordPress My Calendar plugin <= 3.3.16 - Unauthenticated Open Redirect vulnerability

Patchstack Wordfence CVE

N/A

2015-04-20< 2.3.29

WordPress My Calendar Plugin <= 2.3.28 - Cross Site Scripting

N/A

2015-05-15< 2.3.30

WordPress My Calendar Plugin <= 2.3.29 - Multiple Vulnerabilities

N/A

2015-11-06< 2.4.11

WordPress My Calendar Plugin 2.4.10 - Multiple Vulnerabilities

N/A

2018-04-05< 2.5.17

WordPress My Calendar plugin <=2.5.16 - Authenticated Cross-Site Scripting (XSS) vulnerability

N/A

2019-05-06< 3.1.10

WordPress My Calendar plugin <= 3.1.9 - Unauthenticated Cross-Site Scripting (XSS) vulnerability