Medium severity6.3NVD Advisory· Published May 20, 2022· Updated Jun 17, 2026
CVE-2022-29434
CVE-2022-29434
Description
Insecure Direct Object References (IDOR) vulnerability in Spiffy Plugins Spiffy Calendar <= 4.9.0 at WordPress allows an attacker to edit or delete events.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=4.9.0
- Spiffy Plugins/Spiffy Calendarv5Range: <= 4.9.0
Patches
Vulnerability mechanics
References
2- patchstack.com/database/vulnerability/spiffy-calendar/wordpress-spiffy-calendar-plugin-4-9-0-edit-delete-event-via-idor-vulnerabilitynvdRelease NotesThird Party Advisory
- wordpress.org/plugins/spiffy-calendar/nvdProductRelease Notes
News mentions
0No linked articles in our index yet.