Every CVE whose affected-product data names Mf Gig Calendar Project Mf Gig Calendar, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2023-50842 — CVSS 8.5 (high): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Matthew Fries MF Gig Calendar.This…
CVE-2024-3756 — CVSS 7.5 (high): The MF Gig Calendar WordPress plugin through 1.2.1 does not have CSRF checks in some places, which could allow attackers to make logged in…
CVE-2021-24510 — CVSS 6.1 (medium): The MF Gig Calendar WordPress plugin before 1.2 does not sanitise and escape the id GET parameter before outputting back in the admin…
CVE-2024-33651 — CVSS 5.4 (medium): Cross-Site Request Forgery (CSRF) vulnerability in Matthew Fries MF Gig Calendar.This issue affects MF Gig Calendar : from n/a through…
CVE-2024-3755 — CVSS 5.4 (medium): The MF Gig Calendar WordPress plugin through 1.2.1 does not sanitise and escape some of its settings, which could allow high privilege…
CVE-2012-4242 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the MF Gig Calendar plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web…