cleantalk
Vulnerabilities and Security Researches

My Calendar, 1b5d555c435278e0c5b11486f75e0e7a4556c983

CVE, Research URL

1b5d555c435278e0c5b11486f75e0e7a4556c983

Home page URL

Security reports for My Calendar

Application

My Calendar

Published on
May 15, 2015
Research Description
My Calendar &#8211; Accessible Event Manager [my-calendar] < 2.3.30 My Calendar <= 2.3.29 - Path Traversal to Remote Code Execution The My Calendar plugin for WordPress is vulnerable to Path Traversal in versions up to, and including, 2.3.29 via the 'edit_my_calendar_styles' function in the 'my-calendar-styles.php' file. This allows unauthenticated attackers to overwrite the contents of all files the vulnerable service has access to, including adding executable PHP to PHP files.
Affected versions
max 2.3.30.
Status
vulnerable
Previous vulnerability researches
WPvivid Backup for MainWP (ec00cf2f6a6757dc3371250c1689bf0e482f89f9) , Jun 16, 2026
WPvivid Backup for MainWP (2c3fbbc425bd92d0f969e669e6a4b8564997aa02) , Jun 16, 2026
WPvivid Backup for MainWP (CVE-2024-35664) , Jun 06, 2024
WPvivid Backup for MainWP (CVE-2024-1383) , Jun 06, 2024
New vulnerability
MasterStudy LMS WordPress Plugin – for Online Courses and Education (ec94093db88b154d60efe598d24bfd6f4844e90d) , Jun 16, 2026
MasterStudy LMS WordPress Plugin – for Online Courses and Education (9b4e341c2ec92e66350e8027601554ee2a863a3a) , Jun 16, 2026
MasterStudy LMS WordPress Plugin – for Online Courses and Education (c1205f27515b7932bb2cf9e3082131a62daafdfe) , Jun 16, 2026
MasterStudy LMS WordPress Plugin – for Online Courses and Education (f43455118aba6c7f086e83f8998f7de9f947fd1a) , Jun 16, 2026
WPBITS Addons For Elementor Page Builder (5d63984f64e2d907fb7992a8ff8ef8781dce2364) , Jun 16, 2026