Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total3

Critical0

High0

Medium3

Search Severity Year Type Sort Order

Reset

Showing 1-3 of 3 records

Threat Entry Updated 2025-05-01

CVE-2024-0855 - Spiffy Calendar Plugin

The Spiffy Calendar WordPress plugin before 4.9.9 doesn't check the event_author parameter, and allows any user to alter it when creating an event, leading to deceiving users/admins that a page was created by a Contributor+.

PLUGIN Spiffy Calendar

CVE-2024-0855

MEDIUM CVSS 5.3 2024-02-27

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2025-02-20

CVE-2022-29434 - Spiffy Calendar Plugin

Insecure Direct Object References (IDOR) vulnerability in Spiffy Plugins Spiffy Calendar

PLUGIN Spiffy Calendar

CVE-2022-29434

MEDIUM CVSS 6.3 2022-05-20

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2024-11-21

CVE-2022-25599 - Spiffy Calendar Plugin

Cross-Site Request Forgery (CSRF) vulnerability leading to event deletion was discovered in Spiffy Calendar WordPress plugin (versions

PLUGIN Spiffy Calendar

CVE-2022-25599

MEDIUM CVSS 5.4 2022-02-21

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2024-0855 - Spiffy Calendar Plugin

CVE-2022-29434 - Spiffy Calendar Plugin

CVE-2022-25599 - Spiffy Calendar Plugin

Company Links

Contact Us