Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
booking calendar vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-47438
Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin <= 3.2.3 versions.
Wpdevart Booking Calendar
5.4
CVSSv3
CVE-2023-24388
Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin <= 3.2.3 versions affects plugin forms actions (create, duplicate, edit, delete).
Wpdevart Booking Calendar
9.8
CVSSv3
CVE-2022-3982
The Booking calendar, Appointment Booking System WordPress plugin prior to 3.2.2 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE
Wpdevart Booking Calendar
6.5
CVSSv3
CVE-2022-45824
Cross-Site Request Forgery (CSRF) vulnerability in Advanced Booking Calendar plugin <= 1.7.1 on WordPress.
Elbtide Advanced Booking Calendar
9.8
CVSSv3
CVE-2022-45822
Unauth. SQL Injection (SQLi) vulnerability in Advanced Booking Calendar plugin <= 1.7.1 on WordPress.
Elbtide Advanced Booking Calendar
8.8
CVSSv3
CVE-2022-43482
Missing Authorization vulnerability in Appointment Booking Calendar plugin <= 1.3.69 on WordPress.
Codepeople Appointment Booking Calendar
8.8
CVSSv3
CVE-2021-36854
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Booking Ultra Pro plugin <= 1.1.4 at WordPress.
Bookingultrapro Booking Ultra Pro Appointments Booking Calendar
6.1
CVSSv3
CVE-2021-36855
Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability in Booking Ultra Pro plugin <= 1.1.4 at WordPress.
Bookingultrapro Booking Ultra Pro Appointments Booking Calendar
4.3
CVSSv3
CVE-2022-33177
Cross-Site Request Forgery (CSRF) vulnerability in WPdevelop/Oplugins Booking Calendar plugin <= 9.2.1 at WordPress leading to Translations Update.
Wpbookingcalendar Booking Calendar
4.8
CVSSv3
CVE-2022-1710
The Appointment Hour Booking WordPress plugin prior to 1.3.56 does not sanitise and escape a settings of its Calendar fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed.
Dwbooster Appointment Hour Booking
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »