Vulnerabilities and security researches forwp-ical-availability wp-ical-availability

Jun 07, 2024

CVE, Research URL: CVE-2023-41853
Home page URL: Security reports for WP iCal Availability
Application: WP iCal Availability
Date: Oct 10, 2023
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in WP iCal Availability plugin <= 1.0.3 versions.
Affected versions: Min -, max -.
Status: vulnerable

Jun 10, 2024

CVE, Research URL: CVE-2023-46607
Home page URL: Security reports for WP iCal Availability
Application: WP iCal Availability
Date: -
Research Description: The WP iCal Availability plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on one of its functions in versions up to, and including, 1.0.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to invoke this function. The exact impact of this vulnerability is unknown.
Affected versions: Min -, max -.
Status: vulnerable