CVE-2022-25599

Cross-Site Request Forgery (CSRF) vulnerability leading to event deletion was discovered in Spiffy Calendar WordPress plugin (versions <= 4.9.0). Date published : 2022-02-21 https://patchstack.com/database/vulnerability/spiffy-calendar/wordpress-spiffy-calendar-plugin-4-9-0-event-deletion-via-cross-site-request-forgery-csrf-vulnerability

https://wordpress.org/plugins/spiffy-calendar/#developers