The 'My Calendar' WordPress Plugin, version < 3.4.22 is affected by an unauthenticated SQL injection vulnerability in the 'from' and 'to' parameters in the '/my-calendar/v1/events' rest route.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.tenable.com/security/research/tra-2023-40 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: tenable
Published: 2023-11-30T15:17:14.959Z
Updated: 2024-08-02T08:28:21.763Z
Reserved: 2023-11-28T10:28:13.482Z
Link: CVE-2023-6360
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-11-30T16:15:11.820
Modified: 2023-12-06T00:38:20.297
Link: CVE-2023-6360
Redhat
No data.