A lack of rate limiting in pjActionAJaxSend in Availability Booking Calendar 5.0 allows attackers to cause resource...
7.5CVSS
7.3AI Score
0.001EPSS
Availability Booking Calendar 5.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country...
5.4CVSS
7.6AI Score
0.0004EPSS
A Cross Site Scripting vulnerability in Availability Booking Calendar 5.0 allows an attacker to inject JavaScript via the name, plugin_sms_api_key, plugin_sms_country_code, uuid, title, or country name parameter to...
6.1CVSS
6.8AI Score
0.001EPSS
Availability Booking Calendar 5.0 allows CSV injection via the unique ID field in the Reservations list...
8.8CVSS
7.6AI Score
0.001EPSS
9.8CVSS
9.6AI Score
0.001EPSS
PHPJabbers Availability Booking Calendar 5.0 is vulnerable to User Account Takeover through username/password...
9.8CVSS
9.5AI Score
0.001EPSS
PHPJabbers Availability Booking Calendar 5.0 is vulnerable to Incorrect Access Control due to improper input validation of password...
9.8CVSS
9.6AI Score
0.001EPSS