Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Spiffy Plugins — Vulnerabilities & Security Advisories 15

Browse all 15 CVE security advisories affecting Spiffy Plugins. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products Spiffy Plugins:Spiffy CalendarWP Flow PlusSpiffy Calendar (WordPress plugin)
CVE IDTitleCVSSSeverityPaused
CVE-2025-68523 WordPress Spiffy Calendar plugin <= 5.0.7 - Broken Access Control vulnerability — Spiffy CalendarCWE-862 4.3 Medium2025-12-24
CVE-2025-58625 WordPress WP Flow Plus Plugin <= 5.2.5 - Cross Site Scripting (XSS) Vulnerability — WP Flow PlusCWE-79 5.9 Medium2025-09-03
CVE-2024-49695 WordPress WP Flow Plus plugin <= 5.2.3 - Cross Site Scripting (XSS) vulnerability — WP Flow PlusCWE-79 6.5 Medium2024-10-24
CVE-2024-43969 WordPress Spiffy Calendar plugin <= 4.9.12 - SQL Injection vulnerability — Spiffy CalendarCWE-89 7.6 High2024-09-17
CVE-2024-45457 WordPress Spiffy Calendar plugin <= 4.9.13 - Cross Site Scripting (XSS) vulnerability — Spiffy CalendarCWE-79 6.5 Medium2024-09-15
CVE-2024-45458 WordPress Spiffy Calendar plugin <= 4.9.13 - Reflected Cross Site Scripting (XSS) vulnerability — Spiffy CalendarCWE-79 7.1 High2024-09-15
CVE-2024-38692 WordPress spiffy-calendar plugin <= 4.9.11 - SQL Injection vulnerability — Spiffy CalendarCWE-89 7.6 High2024-07-22
CVE-2024-30528 WordPress Spiffy Calendar plugin <= 4.9.10 - Broken Access Control vulnerability — Spiffy CalendarCWE-862 5.4 Medium2024-06-04
CVE-2024-35651 WordPress WP Flow Plus plugin <= 5.2.2 - Cross Site Scripting (XSS) vulnerability — WP Flow PlusCWE-79 6.5 Medium2024-06-04
CVE-2024-30427 WordPress Spiffy Calendar plugin <= 4.9.7 - Cross Site Scripting (XSS) vulnerability — Spiffy CalendarCWE-79 7.1 High2024-03-29
CVE-2023-49745 WordPress Spiffy Calendar Plugin <= 4.9.5 is vulnerable to Cross Site Scripting (XSS) — Spiffy CalendarCWE-79 6.5 Medium2023-12-14
CVE-2022-46859 WordPress Spiffy Calendar Plugin <= 4.9.1 is vulnerable to SQL Injection — Spiffy CalendarCWE-89 9.8 -2023-11-03
CVE-2023-32122 WordPress Spiffy Calendar Plugin <= 4.9.3 is vulnerable to Cross Site Scripting (XSS) — Spiffy CalendarCWE-79 5.8 Medium2023-08-18
CVE-2022-29434 WordPress Spiffy Calendar plugin <= 4.9.0 - Edit/Delete event via IDOR vulnerability — Spiffy Calendar 6.3 Medium2022-05-20
CVE-2022-25599 WordPress Spiffy Calendar plugin <= 4.9.0 - Event deletion via Cross-Site Request Forgery (CSRF) vulnerability — Spiffy Calendar (WordPress plugin)CWE-352 5.4 Medium2022-02-21

This page lists every published CVE security advisory associated with Spiffy Plugins. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.