The My Calendar plugin for WordPress has a security issue in versions up to 3.3.24.1. An attacker who tricks a site administrator into clicking a link can remove events or locations from the site without being logged in. This is because the plugin does not properly validate certain requests that delete events and locations
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
