CVE-2025-46249 – Elementor Simple Calendar CSRF

April 22, 2025

CVE ID : CVE-2025-46249

Published : April 22, 2025, 10:15 a.m. | 58 minutes ago

Description : Cross-Site Request Forgery (CSRF) vulnerability in Michael Simple calendar for Elementor allows Cross Site Request Forgery. This issue affects Simple calendar for Elementor: from n/a through 1.6.4.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46250 – Vikas Ratudi VForm Cross-site Scripting

Next Article CVE-2025-46247 – Codepeople Appointment Booking Calendar Missing Authorization Vulnerability

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

With WH40K Boltgun and Dungeons of Hinterberg, this month’s Humble Choice lineup is stacked for less than $12

I’ve been loving the upgrade to my favorite mobile controller, and there’s even a version for large tablets

Copilot Vision just launched — and Microsoft already added new features

Master Data Management: The Key to Improved Analytics Reporting

Master Data Management: The Key to Improved Analytics Reporting

Salesforce Lead-to-Revenue Management

React Native 0.80 – React 19.1, JS API Changes, Freezing Legacy Arch and much more

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

With WH40K Boltgun and Dungeons of Hinterberg, this month’s Humble Choice lineup is stacked for less than $12

I’ve been loving the upgrade to my favorite mobile controller, and there’s even a version for large tablets

CVE-2025-46249 – Elementor Simple Calendar CSRF

Apache Tomcat Under Attack: Massive Brute-Force Campaign Targets Manager Interfaces

Warning: Discontinued Amazon Cloud Cam Has Vulnerability (CVE-2025-6031), Exposing Your Network

CVE-2025-3503 – “WP Maps Stored Cross-Site Scripting Vulnerability”

CVE-2025-5680 – Shenzhen Dashi Tongzhou Information Technology AgileBPM Groovy Script Handler Remote Deserialization Vulnerability

Local information disclosure in apport and systemd-coredump

WhatsApp privacy is ‘broken,’ reveals proof-of-concept hack

CVE-2025-5728 – SourceCodester Open Source Clinic Management System Unrestricted File Upload Vulnerability

Rilasciato Incus 6.12: Novità per Container e Macchine Virtuali su GNU/Linux

CVE-2025-5152 – “Chanjet CRM SQL Injection Vulnerability”

Rilasciato Chrome 135: Miglioramenti nella privacy, sicurezza e sviluppo web

CVE-2025-46249 – Elementor Simple Calendar CSRF

Related Posts