6.1CVSS
6.9AI Score
0.001EPSS
SQL injection vulnerability in Booking Calendar plugin 8.4.3 for WordPress allows remote attackers to execute arbitrary SQL commands via the booking_id...
8.8CVSS
9.2AI Score
0.081EPSS
An issue was discovered in the WpDevArt "Booking calendar, Appointment Booking System" plugin 2.2.2 for WordPress. Multiple parameters allow remote attackers to manipulate the values to change data such as...
7.5CVSS
7AI Score
0.002EPSS
An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php form_field5[label]...
4.8CVSS
6.2AI Score
0.001EPSS
An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php extra_field1[items][field_item1][price_percent]...
4.8CVSS
6.2AI Score
0.001EPSS
An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. CSRF exists via...
8.8CVSS
9AI Score
0.002EPSS
An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php sale_conditions[count][]...
4.8CVSS
6.2AI Score
0.001EPSS