CVE-2023-6360 | My Calendar Plugin up to 3.4.21 on WordPress /my-calendar/v1/events sql injection

Posted by Angelo Barbosa | Nov 30, 2023 | CVE

A vulnerability classified as critical has been found in My Calendar Plugin up to 3.4.21 on WordPress. Affected is an unknown function of the file /my-calendar/v1/events. The manipulation of the argument to leads to sql injection.

This vulnerability is traded as CVE-2023-6360. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-6360 | My Calendar Plugin up to 3.4.21 on WordPress /my-calendar/v1/events sql injection

Related Posts

CVE-2021-47485 | Linux Kernel up to 5.14.15 qib qib_user_sdma_pkt buffer overflow

CVE-2024-44093 | Google Android drm/code/drm_fw.c ppmp_unprotect_buf memory corruption

CVE-2024-35706 | Team Heateor Heateor Social Login Plugin up to 1.1.32 on WordPress cross site scripting

CVE-2024-38891 | Horizon Business Services Caterease up to 24.0.1.2405 cleartext transmission