CVE-2025-14548 | Calendar Plugin up to 1.3.16 on WordPress event_desc cross site scripting

December 23, 2025 Yanac

A vulnerability has been found in Calendar Plugin up to 1.3.16 on WordPress and classified as problematic. This affects an unknown part. The manipulation of the argument event_desc leads to cross site scripting.

This vulnerability is listed as CVE-2025-14548. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More

CVE-2025-14163 | Premium Addons for Elementor Plugin up to 4.11.53 on WordPress insert_inner_template cross-site request forgery
CVE-2025-14155 | Premium Addons for Elementor Plugin up to 4.11.53 on WordPress get_template_content authorization