cleantalk
Vulnerabilities and Security Researches

Embed Calendly, CVE-2026-32411

CVE, Research URL

CVE-2026-32411

Home page URL

Security reports for Embed Calendly

Application

Embed Calendly

Published on
Mar 14, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simpma Embed Calendly embed-calendly-scheduling allows Stored XSS.This issue affects Embed Calendly: from n/a through <= 4.4.
Affected versions
max 4.4.
Status
vulnerable
Previous vulnerability researches
YayMail &#8211; WooCommerce Email Customizer (CVE-2026-27327) , Mar 29, 2026
New vulnerability
ElementInvader Addons for Elementor (CVE-2026-25007) , Mar 30, 2026
Featured Image from Content (CVE-2026-27759) , Mar 30, 2026
Mollie Payments for WooCommerce (CVE-2025-68501) , Mar 30, 2026
SMTP &#8211; 100% Free &amp; Open Source SMTP plugin for WordPress &#8211; Bit SMTP (CVE-2026-32519) , Mar 30, 2026
Responsive Starter Templates &#8211; Elementor &amp; WordPress Templates (CVE-2025-15488) , Mar 30, 2026