Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
booking calendar vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-32511
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Booking Ultra Pro Booking Ultra Pro Appointments Booking Calendar Plugin plugin <= 1.1.8 versions.
Bookingultrapro Booking Ultra Pro Appointments Booking Calendar
8.8
CVSSv3
CVE-2022-46816
Cross-Site Request Forgery (CSRF) vulnerability in Booking Ultra Pro Appointments Booking Calendar Plugin plugin <= 1.1.4 versions.
Bookingultrapro Booking Ultra Pro Appointments Booking Calendar
8.8
CVSSv3
CVE-2021-36854
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Booking Ultra Pro plugin <= 1.1.4 at WordPress.
Bookingultrapro Booking Ultra Pro Appointments Booking Calendar
6.1
CVSSv3
CVE-2021-36855
Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability in Booking Ultra Pro plugin <= 1.1.4 at WordPress.
Bookingultrapro Booking Ultra Pro Appointments Booking Calendar
6.1
CVSSv3
CVE-2023-4620
The Booking Calendar WordPress plugin prior to 9.7.3.1 does not sanitize and escape some of its booking from data, allowing unauthenticated users to perform Stored Cross-Site Scripting attacks against administrators
Wpbookingcalendar Booking Calendar
4.3
CVSSv3
CVE-2022-33177
Cross-Site Request Forgery (CSRF) vulnerability in WPdevelop/Oplugins Booking Calendar plugin <= 9.2.1 at WordPress leading to Translations Update.
Wpbookingcalendar Booking Calendar
9.8
CVSSv3
CVE-2022-3982
The Booking calendar, Appointment Booking System WordPress plugin prior to 3.2.2 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE
Wpdevart Booking Calendar
5.4
CVSSv3
CVE-2023-51520
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPdevelop / Oplugins WP Booking Calendar allows Stored XSS.This issue affects WP Booking Calendar: from n/a prior to 9.7.4.
Wpbookingcalendar Booking Calendar
5.4
CVSSv3
CVE-2023-24388
Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin <= 3.2.3 versions affects plugin forms actions (create, duplicate, edit, delete).
Wpdevart Booking Calendar
9.8
CVSSv3
CVE-2022-47428
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WpDevArt Booking calendar, Appointment Booking System allows SQL Injection.This issue affects Booking calendar, Appointment Booking System: from n/a up to and including...
Wpdevart Booking Calendar
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »