My Calendar, CVE-2022-36371

CVE, Research URL: CVE-2022-36371
Home page URL: Security reports for My Calendar
Application: My Calendar
Published on: -
Research Description: The My Calendar plugin for WordPress is vulnerable to Open Redirection in versions up to, and including, 3.3.16. This makes it possible for unauthenticated attackers to create links that look to be part of an affected site, but will redirect to the attacker's target. This vulnerability can be utilized for malicious redirection and can also be used for phishing.
Affected versions: max 3.3.16.
Status: vulnerable