cleantalk
Vulnerabilities and Security Researches

WordPress Events Calendar Plugin – connectDaily, CVE-2025-32597

CVE, Research URL

CVE-2025-32597

Home page URL

Security reports for WordPress Events Calendar Plugin – connectDaily

Application

WordPress Events Calendar Plugin – connectDaily

Published on
Apr 09, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in George Sexton WordPress Events Calendar Plugin – connectDaily allows Cross-Site Scripting (XSS). This issue affects WordPress Events Calendar Plugin – connectDaily: from n/a through 1.4.8.
Affected versions
Min -, max 1.4.8.
Status
vulnerable
Previous vulnerability researches
Page Takeover (CVE-2025-31470) , Apr 03, 2025
New vulnerability
WordPress Contact Form, Drag and Drop Form Builder Plugin – Live Forms (CVE-2025-39560) , Apr 18, 2025
CRUDLab Scroll to Top (CVE-2025-22774) , Apr 18, 2025
Editor Wysiwyg Background Color (CVE-2025-23958) , Apr 18, 2025
Subscribe to Unlock Lite – Opt In Content Locker Plugin for WordPress (CVE-2025-39592) , Apr 18, 2025
Membership For WooCommerce – Add Simple Membership Plans, Recurring Revenue, Product Tags & Send Emails To Members wi (CVE-2025-39579) , Apr 18, 2025