Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
booking calendar vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-47438
Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin <= 3.2.3 versions.
Wpdevart Booking Calendar
NA
CVE-2023-24388
Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin <= 3.2.3 versions affects plugin forms actions (create, duplicate, edit, delete).
Wpdevart Booking Calendar
NA
CVE-2022-3982
The Booking calendar, Appointment Booking System WordPress plugin prior to 3.2.2 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE
Wpdevart Booking Calendar
NA
CVE-2022-45824
Cross-Site Request Forgery (CSRF) vulnerability in Advanced Booking Calendar plugin <= 1.7.1 on WordPress.
Elbtide Advanced Booking Calendar
NA
CVE-2022-45822
Unauth. SQL Injection (SQLi) vulnerability in Advanced Booking Calendar plugin <= 1.7.1 on WordPress.
Elbtide Advanced Booking Calendar
NA
CVE-2022-43482
Missing Authorization vulnerability in Appointment Booking Calendar plugin <= 1.3.69 on WordPress.
Codepeople Appointment Booking Calendar
NA
CVE-2021-36854
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Booking Ultra Pro plugin <= 1.1.4 at WordPress.
Bookingultrapro Booking Ultra Pro Appointments Booking Calendar
NA
CVE-2021-36855
Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability in Booking Ultra Pro plugin <= 1.1.4 at WordPress.
Bookingultrapro Booking Ultra Pro Appointments Booking Calendar
NA
CVE-2022-33177
Cross-Site Request Forgery (CSRF) vulnerability in WPdevelop/Oplugins Booking Calendar plugin <= 9.2.1 at WordPress leading to Translations Update.
Wpbookingcalendar Booking Calendar
3.5
CVSSv2
CVE-2022-1710
The Appointment Hour Booking WordPress plugin prior to 1.3.56 does not sanitise and escape a settings of its Calendar fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed.
Dwbooster Appointment Hour Booking
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »