VYPR

Pretty Google Calendar

by WordPress

Source repositories

CVEs (2)

  • CVE-2024-33640MedApr 29, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LBell Pretty Google Calendar allows Stored XSS.This issue affects Pretty Google Calendar: from n/a through 1.7.2.

  • CVE-2025-12898MedDec 20, 2025
    risk 0.34cvss 5.3epss 0.00

    The Pretty Google Calendar plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the pgcal_ajax_handler() function in all versions up to, and including, 2.0.0. This makes it possible for unauthenticated attackers to retrieve the…