VYPR

Calj

by WordPress

Source repositories

CVEs (1)

  • CVE-2026-4117MedApr 22, 2026
    risk 0.34cvss 5.3epss 0.00

    The CalJ plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.5. This is due to a missing capability check in the CalJSettingsPage class constructor, which processes the 'save-obtained-key' operation directly from POST data without…