CVE-2015-9270

CVE-2015-9270

EPSS 1.0%

XSS exists in the the-holiday-calendar plugin before 1.11.3 for WordPress via the thc-month parameter.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://seclists.org/fulldisclosure/2015/Jul/125 https://wordpress.org/plugins/the-holiday-calendar/#developers