Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
booking calendar vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-48827
Time Slots Booking Calendar 4.0 is vulnerable to Multiple HTML Injection issues via the name, plugin_sms_api_key, plugin_sms_country_code, calendar_id, title, country name, or customer_name parameter.
Phpjabbers Time Slots Booking Calendar 4.0
5.4
CVSSv3
CVE-2023-48828
Time Slots Booking Calendar 4.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) issues via the name, plugin_sms_api_key, plugin_sms_country_code, calendar_id, title, country name, or customer_name parameter.
Phpjabbers Time Slots Booking Calendar 4.0
7.5
CVSSv3
CVE-2023-48833
A lack of rate limiting in pjActionAJaxSend in Time Slots Booking Calendar 4.0 allows malicious users to cause resource exhaustion.
Phpjabbers Time Slots Booking Calendar 4.0
5.4
CVSSv3
CVE-2023-3969
A vulnerability, which was classified as problematic, has been found in GZ Scripts Availability Booking Calendar PHP 1.0. Affected by this issue is some unknown functionality of the file index.php of the component HTTP POST Request Handler. The manipulation of the argument promo_...
Gzscripts Availability Booking Calendar Php 1.0
5.4
CVSSv3
CVE-2023-3970
A vulnerability, which was classified as problematic, was found in GZ Scripts Availability Booking Calendar PHP 1.0. This affects an unknown part of the file /index.php?controller=GzUser&action=edit&id=1 of the component Image Handler. The manipulation of the argument img...
Gzscripts Availability Booking Calendar Php 1.0
6.1
CVSSv3
CVE-2023-4117
A vulnerability, which was classified as problematic, has been found in PHP Jabbers Rental Property Booking 2.0. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument index leads to cross site scripting. The attack may be la...
Phpjabbers Rental Property Booking Calendar 2.0
8.8
CVSSv3
CVE-2023-48826
Time Slots Booking Calendar 4.0 is vulnerable to CSV Injection via the unique ID field of the Reservations List.
Phpjabbers Time Slots Booking Calendar 4.0
6.1
CVSSv3
CVE-2023-3544
A vulnerability was found in GZ Scripts Time Slot Booking Calendar PHP 1.8. It has been declared as problematic. This vulnerability affects unknown code of the file /load.php. The manipulation of the argument first_name/second_name/phone/address_1/country leads to cross site scri...
Gzscripts Time Slot Booking Calendar Php 1.8
6.1
CVSSv3
CVE-2023-2298
The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'business_id' parameter in versions up to, and including, 4.2.10 due to insufficient input sanitization and output escaping. Thi...
Vcita Online Booking \\& Scheduling Calendar For Wordpress
5.3
CVSSv3
CVE-2023-2299
The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized medication of data via the /wp-json/vcita-wordpress/v1/actions/auth REST-API endpoint in versions up to, and including, 4.2.10 due to a missing capability check ...
Vcita Online Booking \\& Scheduling Calendar For Wordpress
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »