Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

CVE-2018-20556

🗓️ 21 Mar 2019 16:36:00Reported by mitreType 
cve
 cve🔗 web.nvd.nist.gov👁 60 Views🌐 WEB

SQL injection vulnerability in Booking Calendar plugin 8.4.3 for WordPres

Show more

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
Prion		Sql injection
21 Mar 201916:00
prion
Cvelist		CVE-2018-20556
18 Mar 201915:43
cvelist
Check Point Advisories		WordPress Booking Calendar Plugin SQL Injection (CVE-2018-20556)
28 Nov 202200:00
checkpoint_advisories
Patchstack		WordPress Booking Calendar plugin <= 8.4.5.14 - SQL Injection (SQLi) vulnerability
14 Feb 201900:00
patchstack
RedhatCVE		CVE-2018-20556
22 May 202507:41
redhatcve
0day.today		WordPress Booking Calendar 8.4.3 Plugin - Authenticated SQL Injection Vulnerability
15 Feb 201900:00
zdt
Exploit DB		WordPress Plugin Booking Calendar 8.4.3 - (Authenticated) SQL Injection
14 Feb 201900:00
exploitdb
NVD		CVE-2018-20556
21 Mar 201916:00
nvd
Packet Storm		WordPress Booking Calendar 8.4.3 SQL Injection
15 Feb 201900:00
packetstorm
OpenVAS		WordPress Booking Calendar Plugin < 8.4.5 SQL Injection Vulnerability
28 Mar 201900:00
openvas
Rows per page
Nvd
Node
booking_calendar_projectbooking_calendarMatch8.4.3wordpress
ParameterPositionPathDescriptionCWE
booking_idrequest body/wp-admin/admin-ajax.phpAuthenticated SQL Injection vulnerability in Booking Calendar plugin allows attackers to execute arbitrary SQL commands via the booking_id parameter.CWE-89

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
21 Mar 2019 16:00Current
9.1High risk
Vulners AI Score9.1
CVSS26.5
CVSS38.8
EPSS0.14676
CWE-89
cve-2018-20556sql injectionbooking calendar pluginwordpressvulnerabilityremote attackersarbitrary sql commandsbooking_id parameter
60
.json
Report