Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
codepeople vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-10099
A vulnerability classified as critical has been found in CP Appointment Calendar Plugin up to 1.1.5 on WordPress. This affects the function dex_process_ready_to_go_appointment of the file dex_appointments.php. The manipulation of the argument itemnumber leads to sql injection. It...
Codepeople Cp Appointment Calendar
NA
CVE-2014-125091
A vulnerability has been found in codepeople cp-polls Plugin 1.0.1 on WordPress and classified as critical. This vulnerability affects unknown code of the file cp-admin-int-message-list.inc.php. The manipulation of the argument lu leads to sql injection. The attack can be initiat...
Codepeople Polls Cp 1.0.1
NA
CVE-2023-0389
The Calculated Fields Form WordPress plugin prior to 1.1.151 does not sanitise and escape some of its form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for exa...
Codepeople Calculated Fields Form
7.5
CVSSv2
CVE-2016-10916
The appointment-booking-calendar plugin prior to 1.1.24 for WordPress has SQL injection, a different vulnerability than CVE-2015-7319.
Codepeople Appointment Booking Calendar
NA
CVE-2023-51517
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CodePeople Calculated Fields Form.This issue affects Calculated Fields Form: from n/a up to and including 1.2.28.
Codepeople Calculated Fields Form
4.3
CVSSv2
CVE-2016-10908
The booking-calendar-contact-form plugin prior to 1.0.24 for WordPress has XSS.
Codepeople Booking Calendar Contact Form
7.5
CVSSv2
CVE-2016-10909
The booking-calendar-contact-form plugin prior to 1.0.24 for WordPress has SQL injection.
Codepeople Booking Calendar Contact Form
4.3
CVSSv2
CVE-2019-14791
The Appointment Booking Calendar plugin 1.3.18 for WordPress allows XSS via the wp-admin/admin-post.php editionarea parameter.
Codepeople Appointment Booking Calendar 1.3.18
NA
CVE-2023-23971
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CodePeople WP Time Slots Booking Form plugin <= 1.1.81 versions.
Codepeople Wp Time Slots Booking Form
3.5
CVSSv2
CVE-2022-0389
The WP Time Slots Booking Form WordPress plugin prior to 1.1.63 does not sanitise and escape Calendar names, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Codepeople Wp Time Slots Booking Form
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »