Skip to main content
Loading…
    CVE-2017-9420 — Cross site scripting (XSS) vulnerability in the Spiffy Calendar plugin before 3.3.0 for WordPress allows remote attackers to inject arbitrary JavaScript via the yr parameter. — CVE Database · The Intelligence Room