cleantalk
Vulnerabilities and Security Researches

Calendar Plus, CVE-2025-53350

CVE, Research URL

CVE-2025-53350

Home page URL

Security reports for Calendar Plus

Application

Calendar Plus

Published on
Oct 22, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webjunk Calendar Plus calendar-plus allows Reflected XSS.This issue affects Calendar Plus: from n/a through <= 1.2.4.
Affected versions
max 1.2.4.
Status
vulnerable
Previous vulnerability researches
MultiSite Clone Duplicator (CVE-2025-52760) , Nov 10, 2025
New vulnerability
Child Themes (CVE-2025-52755) , Nov 11, 2025
Premmerce Wishlist for WooCommerce (CVE-2025-60191) , Nov 11, 2025
LinkedIn Resume (CVE-2025-12402) , Nov 11, 2025
EM Beer Manager (CVE-2025-11724) , Nov 11, 2025
WP Delicious &#8211; Best WordPress Recipes Plugin (formerly Delicious Recipes) (CVE-2025-11755) , Nov 11, 2025