source: https://www.securityfocus.com/bid/62269/info The Event Easy Calendar plugin for WordPress is prone to multiple cross-site request-forgery vulnerabilities. Exploiting these issues may allow a remote attacker to perform certain unauthorized actions in the context of the affected application. Other attacks are also possible. Event Easy Calendar 1.0.0 is vulnerable; other versions may also be affected. f of Concept ======================== Add Customer Update Customer New Booking Add Service Add Block Out Add Cupon Default Settings Reminder Settings PayPal Settings Mailchimp Settings Facebook Connect Auto Approve Delete All Bookings Restore Factory Settings