CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-9420

Cross site scripting (XSS) vulnerability in the Spiffy Calendar plugin before 3.3.0 for WordPress allows remote attackers to inject arbitrary JavaScript via the yr parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.3%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2017-9420

Sunnythemes » Spiffy Calendar » Version: 1.0.0

cpe:2.3:a:sunnythemes:spiffy_calendar:1.0.0
Sunnythemes » Spiffy Calendar » Version: 1.0.1

cpe:2.3:a:sunnythemes:spiffy_calendar:1.0.1
Sunnythemes » Spiffy Calendar » Version: 1.0.2a

cpe:2.3:a:sunnythemes:spiffy_calendar:1.0.2a
Sunnythemes » Spiffy Calendar » Version: 1.0.3

cpe:2.3:a:sunnythemes:spiffy_calendar:1.0.3
Sunnythemes » Spiffy Calendar » Version: 1.1.0

cpe:2.3:a:sunnythemes:spiffy_calendar:1.1.0
Sunnythemes » Spiffy Calendar » Version: 1.1.1

cpe:2.3:a:sunnythemes:spiffy_calendar:1.1.1
Sunnythemes » Spiffy Calendar » Version: 1.1.2

cpe:2.3:a:sunnythemes:spiffy_calendar:1.1.2
Sunnythemes » Spiffy Calendar » Version: 1.1.3

cpe:2.3:a:sunnythemes:spiffy_calendar:1.1.3
Sunnythemes » Spiffy Calendar » Version: 1.1.4

cpe:2.3:a:sunnythemes:spiffy_calendar:1.1.4
Sunnythemes » Spiffy Calendar » Version: 1.1.5

cpe:2.3:a:sunnythemes:spiffy_calendar:1.1.5
Sunnythemes » Spiffy Calendar » Version: 1.1.6

cpe:2.3:a:sunnythemes:spiffy_calendar:1.1.6
Sunnythemes » Spiffy Calendar » Version: 1.1.7

cpe:2.3:a:sunnythemes:spiffy_calendar:1.1.7
Sunnythemes » Spiffy Calendar » Version: 1.1.8

cpe:2.3:a:sunnythemes:spiffy_calendar:1.1.8
Sunnythemes » Spiffy Calendar » Version: 1.2.0

cpe:2.3:a:sunnythemes:spiffy_calendar:1.2.0
Sunnythemes » Spiffy Calendar » Version: 1.2.1

cpe:2.3:a:sunnythemes:spiffy_calendar:1.2.1
Sunnythemes » Spiffy Calendar » Version: 1.3.0

cpe:2.3:a:sunnythemes:spiffy_calendar:1.3.0
Sunnythemes » Spiffy Calendar » Version: 1.3.1

cpe:2.3:a:sunnythemes:spiffy_calendar:1.3.1
Sunnythemes » Spiffy Calendar » Version: 2.0.0

cpe:2.3:a:sunnythemes:spiffy_calendar:2.0.0
Sunnythemes » Spiffy Calendar » Version: 2.0.1

cpe:2.3:a:sunnythemes:spiffy_calendar:2.0.1
Sunnythemes » Spiffy Calendar » Version: 2.1.0

cpe:2.3:a:sunnythemes:spiffy_calendar:2.1.0
Sunnythemes » Spiffy Calendar » Version: 2.1.1

cpe:2.3:a:sunnythemes:spiffy_calendar:2.1.1
Sunnythemes » Spiffy Calendar » Version: 2.1.2

cpe:2.3:a:sunnythemes:spiffy_calendar:2.1.2
Sunnythemes » Spiffy Calendar » Version: 2.1.3

cpe:2.3:a:sunnythemes:spiffy_calendar:2.1.3
Sunnythemes » Spiffy Calendar » Version: 3.0.0

cpe:2.3:a:sunnythemes:spiffy_calendar:3.0.0
Sunnythemes » Spiffy Calendar » Version: 3.0.1

cpe:2.3:a:sunnythemes:spiffy_calendar:3.0.1
Sunnythemes » Spiffy Calendar » Version: 3.0.2

cpe:2.3:a:sunnythemes:spiffy_calendar:3.0.2
Sunnythemes » Spiffy Calendar » Version: 3.0.3

cpe:2.3:a:sunnythemes:spiffy_calendar:3.0.3
Sunnythemes » Spiffy Calendar » Version: 3.0.4

cpe:2.3:a:sunnythemes:spiffy_calendar:3.0.4
Sunnythemes » Spiffy Calendar » Version: 3.0.5

cpe:2.3:a:sunnythemes:spiffy_calendar:3.0.5
Sunnythemes » Spiffy Calendar » Version: 3.0.6

cpe:2.3:a:sunnythemes:spiffy_calendar:3.0.6
Sunnythemes » Spiffy Calendar » Version: 3.0.7

cpe:2.3:a:sunnythemes:spiffy_calendar:3.0.7
Sunnythemes » Spiffy Calendar » Version: 3.0.8

cpe:2.3:a:sunnythemes:spiffy_calendar:3.0.8
Sunnythemes » Spiffy Calendar » Version: 3.1.0

cpe:2.3:a:sunnythemes:spiffy_calendar:3.1.0
Sunnythemes » Spiffy Calendar » Version: 3.1.1

cpe:2.3:a:sunnythemes:spiffy_calendar:3.1.1
Sunnythemes » Spiffy Calendar » Version: 3.1.2

cpe:2.3:a:sunnythemes:spiffy_calendar:3.1.2
Sunnythemes » Spiffy Calendar » Version: 3.1.3

cpe:2.3:a:sunnythemes:spiffy_calendar:3.1.3
Sunnythemes » Spiffy Calendar » Version: 3.1.4

cpe:2.3:a:sunnythemes:spiffy_calendar:3.1.4
Sunnythemes » Spiffy Calendar » Version: 3.1.5

cpe:2.3:a:sunnythemes:spiffy_calendar:3.1.5
Sunnythemes » Spiffy Calendar » Version: 3.2.0

cpe:2.3:a:sunnythemes:spiffy_calendar:3.2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-9420

Products

Pricing

Contact Us