WordPress Spiffy Calendar Plugin <= 4.9.5 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-49745
6.5MEDIUM
What is CVE-2023-49745?
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spiffy Plugins Spiffy Calendar allows Stored XSS.This issue affects Spiffy Calendar: from n/a through 4.9.5.
Affected Version(s)
Spiffy Calendar <= 4.9.5