cleantalk
Vulnerabilities and Security Researches

Availability Calendar, CVE-2025-46528

CVE, Research URL

CVE-2025-46528

Home page URL

Security reports for Availability Calendar

Application

Availability Calendar

Published on
Apr 24, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Steve Availability Calendar allows Stored XSS. This issue affects Availability Calendar: from n/a through 0.2.4.
Affected versions
Min -, max 0.2.4.
Status
vulnerable
Previous vulnerability researches
WPExperts Square For GiveWP (CVE-2024-13713) , Feb 22, 2025
WPExperts Square For GiveWP (CVE-2024-47338) , Sep 30, 2024
New vulnerability
Ajax Comment Form CST (CVE-2025-3867) , Apr 27, 2025
Best Quiz Plugin for WordPress: WP Quiz (CVE-2025-46482) , Apr 27, 2025
Database Toolset (CVE-2025-3065) , Apr 27, 2025
Control Listings – Classifieds Ads Directory Portal Manager (CVE-2025-46234) , Apr 26, 2025
WordPress Tooltip (CVE-2025-46532) , Apr 26, 2025