It is currently Fri Mar 22, 2019 8:22 pm




Post new topic Reply to topic  [ 3 posts ] 
Author Message
 Post subject: Calendar plugin removed from Wordpress.org due to XSS vuln
Unread postPosted: Sun Nov 04, 2018 10:47 pm 
Offline

Joined: Sun Nov 04, 2018 6:59 pm
Posts: 2
Hi Kieran,

The Calendar plugin has been removed from Wordpress.org due to an XSS vulnerability as described here:

http://wpvulndb.com/vulnerabilities/9141

This evidently applies to all versions of Calendar through the current version (1.3.10).

Do you plan to issue a patch for this?

Thanks,

-- John


Top
 Profile  
 
 Post subject: Re: Calendar plugin removed from Wordpress.org due to XSS vu
Unread postPosted: Sat Feb 16, 2019 6:21 pm 
Offline
User avatar

Joined: Sat May 26, 2007 1:55 pm
Posts: 2048
Location: London
This specific issue with the plugin was resolved and in addition a review was conducted by the WordPress plugin team. The recommendations of the team were also implemented and the plugin has been restored to the repository with a clean bill of health.

_________________
Kieran O'Shea


Top
 Profile  
 
 Post subject: Re: Calendar plugin removed from Wordpress.org due to XSS vu
Unread postPosted: Sun Feb 17, 2019 2:57 pm 
Offline

Joined: Sun Nov 04, 2018 6:59 pm
Posts: 2
Thank you for updating this useful plugin!

— John


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 3 posts ] 


Who is online

Users browsing this forum: Google [Bot] and 11 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron