Spiffy Calendar

Source repositories

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2024-43969	WordPress Spiffy Calendar	Hig	0.49	7.6	0.01		Sep 17, 2024	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spiffy Plugins Spiffy Calendar allows SQL Injection.This issue affects Spiffy Calendar: from n/a through 4.9.12.
CVE-2025-68523	Spiffyplugins Spiffy Calendar	Med	0.28	4.3	0.00		Dec 24, 2025	Missing Authorization vulnerability in Spiffy Plugins Spiffy Calendar spiffy-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spiffy Calendar: from n/a through <= 5.0.7.

CVE-2024-43969HigSep 17, 2024
WordPress
Spiffy Calendar
risk 0.49cvss 7.6epss 0.01
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spiffy Plugins Spiffy Calendar allows SQL Injection.This issue affects Spiffy Calendar: from n/a through 4.9.12.
CVE-2025-68523MedDec 24, 2025
Spiffyplugins
Spiffy Calendar
risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Spiffy Plugins Spiffy Calendar spiffy-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spiffy Calendar: from n/a through <= 5.0.7.