VYPR

Kieran O' Shea Calendar

by WordPress

CVEs (1)

  • CVE-2018-18872MedMay 13, 2019
    risk 0.35cvss 5.4epss 0.01

    The Kieran O'Shea Calendar plugin before 1.3.11 for WordPress has Stored XSS via the event_title parameter in a wp-admin/admin.php?page=calendar add action, or the category name during category creation at the wp-admin/admin.php?page=calendar-categories URI.