📦

spidercalendar

Vendor: 10web

Login to add this product to WatchStack
Actively Exploited 0 CISA KEV List
PoC / Exploits 0 Code Available
Total RCEs 0 Remote Access
Total CVEs 1 Total Indexed
Avg. EPSS 1.17% Exploit Prob.
Latest CVE CVE-2022-0212 Feb 14

Security Vulnerability Index

Page 1 / 1
6.1 CVSS
CVE-2022-0212

The SpiderCalendar WordPress plugin through 1.5.65 does not sanitise and escape the callback parameter before outputting it back in the page via the window AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting issue.

EPSS: 1.17%