CVE-2024-0855 in Spiffy Calendar Pluginالمعلومات

الملخص

بحسب MITRE • 27/02/2024

The Spiffy Calendar WordPress plugin before 4.9.9 doesn't check the event_author parameter, and allows any user to alter it when creating an event, leading to deceiving users/admins that a page was created by a Contributor+.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

حجز

24/01/2024

إفشاء

27/02/2024

الاعتدال

تمت الموافقة

إدخال

VDB-254868

EPSS

0.00482

KEV

لا

النشاطات

منخفض جدًا

المصادر

Want to stay up to date on a daily basis?

Enable the mail alert feature now!