Lucene search

Pinpoint Booking System Security Vulnerabilities

cve

CVE-2023-38520

External Control of Assumed-Immutable Web Parameter vulnerability in PINPOINT.WORLD Pinpoint Booking System allows Functionality Misuse.This issue affects Pinpoint Booking System: from n/a through...

6.5CVSS

7.2AI Score

0.0004EPSS

2024-06-04 08:15 AM

cve

CVE-2023-45270

Cross-Site Request Forgery (CSRF) vulnerability in PINPOINT.WORLD Pinpoint Booking System plugin <= 2.9.9.4.0...

8.8CVSS

8.8AI Score

0.001EPSS

2023-10-13 04:15 PM

cve

CVE-2023-25062

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PINPOINT.WORLD Pinpoint Booking System plugin <= 2.9.9.2.8...

5.9CVSS

4.8AI Score

0.001EPSS

2023-04-06 02:15 PM

cve

CVE-2023-0220

The Pinpoint Booking System WordPress plugin before 2.9.9.2.9 does not validate and escape one of its shortcode attributes before using it in a SQL statement, which could allow any authenticated users, such as subscriber to perform SQL Injection...

8.8CVSS

8.9AI Score

0.001EPSS

2023-02-13 03:15 PM

cve

CVE-2015-9460

The booking-system plugin before 2.1 for WordPress has DOPBSPBackEndTranslation::display SQL injection via the language...

8.8CVSS

9.1AI Score

0.001EPSS

2019-10-10 04:15 PM