Vulnerabilities in joedolson
6 resultsCVE-2026-40308HIGHMy Calendar: Unauthenticated Information Disclosure (IDOR) via Multisite switch_to_blogEPSS 0.9%CVE-2026-7525MEDIUMMy Calendar <= 3.7.9 - Authenticated (Custom+) Missing Authorization to Unauthorized Event Publication via 'event_approved' ParameterEPSS 0.3%CVE-2025-3761HIGHMy Tickets – Accessible Event Ticketing <= 2.0.16 - Authenticated (Subscriber+) Privilege EscalationEPSS 0.3%CVE-2026-2355MEDIUMMy Calendar – Accessible Event Manager <= 3.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode AttributesEPSS 0.3%CVE-2025-3752MEDIUMAble Player, accessible HTML5 media player <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via preload ParameterEPSS 0.2%CVE-2026-2362MEDIUMWP Accessibility <= 2.3.1 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via 'alt' AttributeEPSS 0.2%