Offshorewebmaster Availability Calendar — known CVE vulnerabilities
Every CVE whose affected-product data names Offshorewebmaster Availability Calendar, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2021-24606 — CVSS 8.8 (high): The Availability Calendar WordPress plugin before 1.2.1 does not escape the category attribute from its shortcode before using it in a SQL…
CVE-2023-48744 — CVSS 5.4 (medium): Cross-Site Request Forgery (CSRF) vulnerability in Offshore Web Master Availability Calendar allows Cross Site Request Forgery.This issue…
CVE-2021-24604 — CVSS 4.8 (medium): The Availability Calendar WordPress plugin before 1.2.2 does not sanitise or escape its Category Names before outputting them in page/post…