Vulnerabilities (CVE)

Filtered by vendor Sunnythemes Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-9420 1 Sunnythemes 1 Spiffy Calendar 2024-02-04 4.3 MEDIUM 6.1 MEDIUM
Cross site scripting (XSS) vulnerability in the Spiffy Calendar plugin before 3.3.0 for WordPress allows remote attackers to inject arbitrary JavaScript via the yr parameter.