| CVE-2025-22497 | WordPress Simple Google Calendar Outlook Events Block Widget plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability | bramwaas | Simple Google Calendar Outlook Events Block Widget | Medium | 6.5 | 2025-03-27 15:31:34 | Deep Dive |
| CVE-2025-28939 | WordPress WP Google Calendar Manager plugin <= 2.1 - SQL Injection vulnerability | EuroCizia | WP Google Calendar Manager | High | 8.5 | 2025-03-26 14:24:26 | Deep Dive |
| CVE-2025-26536 | WordPress Another Events Calendar Plugin <= 1.7.0 - Reflected Cross Site Scripting (XSS) vulnerability | Yendif Player | Another Events Calendar | High | 7.1 | 2025-03-26 14:24:18 | Deep Dive |
| CVE-2024-10703 | Registrations for The Events Calendar < 2.13.4 - Admin+ Stored XSS | Unknown | Registrations for the Events Calendar | 中危 | - | 2025-03-25 06:00:10 | Deep Dive |
| CVE-2025-1770 | Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.24 - Authenticated (Contributor+) Local File Inclusion | arraytics | Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered) | High | 8.8 | 2025-03-20 05:22:35 | Deep Dive |
| CVE-2025-1766 | Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.24 - Missing Authorization to Unauthenticated Payment Status Update | arraytics | Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered) | Medium | 5.3 | 2025-03-20 05:22:35 | Deep Dive |
| CVE-2025-1119 | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.8.5 - Unauthenticated Arbitrary Shortcode Execution | croixhaug | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | High | 7.3 | 2025-03-13 06:56:57 | Deep Dive |
| CVE-2024-13431 | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.8.3 - Reflected Cross-Site Scripting | croixhaug | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | Medium | 6.1 | 2025-03-07 08:21:28 | Deep Dive |
| CVE-2024-13526 | EventPrime – Events Calendar, Bookings and Tickets <= 4.0.7.3 - Missing Authorization to Authenticated (Subscriber+) Event Attendees Export | metagauss | EventPrime – Events Calendar, Bookings and Tickets | Medium | 4.3 | 2025-03-07 01:44:54 | Deep Dive |
| CVE-2025-26967 | WordPress Events Calendar for GeoDirectory plugin <= 2.3.14 - PHP Object Injection vulnerability | Stiofan | Events Calendar for GeoDirectory | High | 8.8 | 2025-03-03 13:30:42 | Deep Dive |
| CVE-2025-23526 | WordPress Swift Calendar Online Appointment Scheduling plugin <= 1.3.3 - Reflected Cross Site Scripting (XSS) vulnerability | SwiftCloud | Swift Calendar Online Appointment Scheduling | High | 7.1 | 2025-03-03 13:30:10 | Deep Dive |
| CVE-2024-13746 | Booking Calendar and Notification <= 4.0.3 - Missing Authorization via wpcb_all_bookings, wpcb_update_booking_post, and wpcb_delete_posts Functions | imznarf | Booking Calendar and Notification | Medium | 6.5 | 2025-03-01 04:21:49 | Deep Dive |
| CVE-2025-1410 | Events Calendar Made Simple – Pie Calendar <= 1.2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via piecal Shortcode | apexws | Pie Calendar – Events Calendar Made Simple | Medium | 6.4 | 2025-02-21 08:21:37 | Deep Dive |
| CVE-2024-11260 | Events Manager – Calendar, Bookings, Tickets, and more! <= 6.6.3 - Unauthenticated SQL Injection via Event Status Parameter | netweblogic | Events Manager – Calendar, Bookings, Tickets, and more! | High | 7.5 | 2025-02-21 05:22:32 | Deep Dive |
| CVE-2024-13677 | GetBookingsWp - Appointments & Bookings Plugin Basic Version <= 1.1.27 - Authenticated (Subscriber+) Privilege Escalation via Account Takeover | istmoplugins | GetBookingsWP – Appointments Booking Calendar Plugin For WordPress | High | 8.8 | 2025-02-18 04:21:20 | Deep Dive |
| CVE-2025-25224 | LuxSoft LuxCal Web Calendar 访问控制错误漏洞 | LuxSoft | The LuxCal Web Calendar | 中危 | - | 2025-02-18 00:12:22 | Deep Dive |
| CVE-2025-25223 | LuxSoft LuxCal Web Calendar 路径遍历漏洞 | LuxSoft | The LuxCal Web Calendar | 中危 | - | 2025-02-18 00:11:36 | Deep Dive |
| CVE-2025-25222 | LuxSoft LuxCal Web Calendar SQL注入漏洞 | LuxSoft | The LuxCal Web Calendar | 高危 | - | 2025-02-18 00:11:03 | Deep Dive |
| CVE-2025-25221 | LuxSoft LuxCal Web Calendar SQL注入漏洞 | LuxSoft | The LuxCal Web Calendar | 高危 | - | 2025-02-18 00:10:26 | Deep Dive |
| CVE-2024-13821 | WP Booking Calendar <= 10.10 - Unauthenticated Post-Confirmation Booking Manipulation | wpdevelop | Booking Calendar | Medium | 5.3 | 2025-02-12 07:35:38 | Deep Dive |