CVE-2025-31572

UNKNOWN 0.0

WordPress Multi Days Events and Multi Events in One Day Calendar plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) vulnerability

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Cross-Site Request Forgery (CSRF) vulnerability in v20202020 Multi Days Events and Multi Events in One Day Calendar dragon-calendar-free-version allows Cross Site Request Forgery.This issue affects Multi Days Events and Multi Events in One Day Calendar: from n/a through <= 1.1.3.

CWE	CWE-352
Vendor	v20202020
Product	multi days events and multi events in one day calendar
Published	Mar 31, 2025
Last Updated	Apr 1, 2026

Stay Ahead of the Next One

Get instant alerts for v20202020 multi days events and multi events in one day calendar

Be the first to know when new unknown vulnerabilities affecting v20202020 multi days events and multi events in one day calendar are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

v20202020 / Multi Days Events and Multi Events in One Day Calendar

0 ≤ 1.1.3

References

NVD ↗ CVE.org ↗ EPSS Data ↗

patchstack.com: https://patchstack.com/database/Wordpress/Plugin/dragon-calendar-free-version/vulnerability/wordpress-multi-days-events-and-multi-events-in-one-day-calendar-plugin-1-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Credits

Pham Van Tam | Patchstack Bug Bounty Program