CVE-2025-46528 Information

Description

Cross-Site Request Forgery (CSRF) vulnerability in Steve Availability Calendar allows Stored XSS. This issue affects Availability Calendar: from n/a through 0.2.4.

Reference

https://patchstack.com/database/wordpress/plugin/availability/vulnerability/wordpress-availability-calendar-0-2-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve