A plugin that brings in your Breeze church management software data (events, full calendar, pledges, donations and contributions) for display on your WordPress website. It can be displayed via widgets on a sidebar or shortcodes within pages and posts.
This plugin is built and supported by Worship Times and is not an official product of Breeze.
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 6.4 MEDIUM | — | ||
The Breeze Display plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘cal_size’ parameter in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | |||