Unrated severityNVD Advisory· Published Oct 1, 2012· Updated Apr 29, 2026

CVE-2012-4242

Description

Cross-site scripting (XSS) vulnerability in the MF Gig Calendar plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the query string to the calendar page.

Affected products

Mf Gig Calendar Project/Mf Gig Calendar
cpe:2.3:a:mf_gig_calendar_project:mf_gig_calendar:0.9.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.reactionpenetrationtesting.co.uk/mf-gig-calendar-xss.htmlnvdExploit
www.securityfocus.com/bid/55622nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.006
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000