Total-soft Event_calendar
3 CVEs affecting Total-soft Event_calendar. Latest disclosed: 2025-05-15. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-8700 | High | 7.5 | 2025-05-15 | The Event Calendar WordPress plugin through 1.0.4 does not check for authorization on delete actions, allowing unauthenticated users to delete arbitrary calend… |
CVE-2022-38067 | Medium | 6.5 | 2022-09-09 | Unauthenticated Event Deletion vulnerability in Totalsoft Event Calendar – Calendar plugin <= 1.4.6 at WordPress. |
CVE-2022-36390 | Medium | 4.1 | 2022-09-21 | Authenticated (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Totalsoft Event Calendar – Calendar plugin <= 1.4.6 at WordPress. |