CVE-2026-2355 | My Calendar Plugin up to 3.7.3 on WordPress Shortcode template cross site scripting

Inserito da Angelo Barbosa | Mar 4, 2026 | CVE

A vulnerability classified as problematic was found in My Calendar Plugin up to 3.7.3 on WordPress. The affected element is an unknown function of the component Shortcode Handler. The manipulation of the argument template results in cross site scripting.

This vulnerability is cataloged as CVE-2026-2355. The attack may be launched remotely. There is no exploit available.

CVE-2026-2355 | My Calendar Plugin up to 3.7.3 on WordPress Shortcode template cross site scripting

Post correlati

CVE-2024-6332 | Booking for Appointments and Events Calendar Plugin authorization

CVE-2024-45393 | cvat up to 2.17.x authorization (GHSA-p3c9-m7jr-jxxj)

CVE-2025-14052 | youlaitech youlai-mall 1.0.0/2.0.0 members getMemberById memberId access control

CVE-2024-7448 | Magnet Forensics Axiom command injection (ZDI-24-1129)