Skip to main content

Editorial Calendar

2 CVEs product

Monthly

CVE-2026-32361 MEDIUM This Month

Editorial Calendar through version 3.9.0 contains a DOM-based cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through improper input sanitization during web page generation. An attacker with user privileges can exploit this to execute arbitrary JavaScript in the context of other users' browsers, potentially leading to credential theft or unauthorized actions. No patch is currently available for this vulnerability.

XSS Editorial Calendar
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2023-36520 MEDIUM This Month

Authorization Bypass Through User-Controlled Key vulnerability in MarketingFire Editorial Calendar.7.12. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Editorial Calendar
NVD
CVSS 3.1
5.4
EPSS
0.1%
EPSS 0% CVSS 6.5
MEDIUM This Month

Editorial Calendar through version 3.9.0 contains a DOM-based cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through improper input sanitization during web page generation. An attacker with user privileges can exploit this to execute arbitrary JavaScript in the context of other users' browsers, potentially leading to credential theft or unauthorized actions. No patch is currently available for this vulnerability.

XSS Editorial Calendar
NVD VulDB
EPSS 0% CVSS 5.4
MEDIUM This Month

Authorization Bypass Through User-Controlled Key vulnerability in MarketingFire Editorial Calendar.7.12. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Editorial Calendar
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy