Summary
This host is running WordPress Spider Calendar Plugin and is prone to multiple SQL Injection vulnerabilities.
Impact
Successful exploitation could allow attackers to manipulate SQL queries by injecting arbitrary SQL code and gain sensitive information.
Impact Level: Application
Solution
Upgrade to WordPress Spider Calendar Plugin version 1.1.0 or later, For updates refer to http://wordpress.org/extend/plugins/spider-calendar/
Insight
Input passed via the 'calendar_id' parameter to
'front_end/spidercalendarbig_seemore.php' (when 'ev_ids' is set to the id of an available event) is not properly sanitised before being used in a SQL query.
Affected
WordPress Spider Calendar Plugin version 1.0.1
References