To plugin page
Monitoring
Coming soon
Find out about vulnerable plugins in your websites for free.
Scan your website
Spiffy Calendar
CVE-2022-29434
Edit/Delete event via IDOR vulnerability discovered in WordPress Spiffy Calendar plugin (versions <= 4.9.0) by Ex.Mi (Patchstack).
Update the WordPress Spiffy Calendar plugin to the latest available version (at least 4.9.1).
Event deletion via CrossSite Request Forgery (CSRF) vulnerability
<= 4.9.0
5.4
10.02.2022
Authenticated Reflected CrossSite Scripting (XSS) vulnerability
<= 4.9.0
4.7
10.02.2022
Admin+ Persistent CrossSite Scripting (XSS) vulnerability
<= 4.9.0
3.4
10.02.2022
Multiple Authenticated Reflected CrossSite Scripting (XSS) vulnerabilities
<= 4.9.0
4.7
10.02.2022
Successfully submit vulnerabilities and receive an invite to our Alliance platform.
Learn more
Close
LinkedIn
Facebook
Twitter