Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Vulnrichment
Vulnrichmentadded 2026/03/19 11:15 a.m.2 views

CVE-2026-3658 Appointment Booking Calendar <= 1.6.10.0 - Unauthenticated SQL Injection via 'fields' Parameter

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the 'fields' parameter in all versions up to, and including, 1.6.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparati...

7.5CVSS5.9AI score0.00311EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/03/11 7:36 a.m.5 views

CVE-2026-1708 Appointment Booking Calendar <= 1.6.9.27 - Unauthenticated SQL Injection via 'append_where_sql' Parameter

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to blind SQL Injection in all versions up to, and including, 1.6.9.27. This is due to the dbwhereconditions method in the TDDBModel class failing to prevent the appendwheresql paramet...

7.5CVSS6AI score0.00406EPSS
Exploits0References10
OSV
OSVadded 2023/11/30 4:15 p.m.3 views

CVE-2023-36507

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.6...

5.3CVSS7.3AI score0.0051EPSS
Exploits0References1
CVE
CVEadded 2023/10/24 10:47 a.m.37 views

CVE-2023-46198

CVE-2023-46198 is a CSRF in the Scientech It Solution Appointment Calendar WordPress plugin affecting versions ≤ 2.9.6. It enables cross-site requests to be forged without authentication to perform unintended actions; sources disagree slightly on exact access requirements, but Patch/Wordfence not...

8.8CVSS7AI score0.00269EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2023/04/10 12:15 p.m.13 views

Sql injection

A vulnerability classified as critical has been found in CP Appointment Calendar Plugin up to 1.1.5 on WordPress. This affects the function dexprocessreadytogoappointment of the file dexappointments.php. The manipulation of the argument itemnumber leads to sql injection. It is possible to initiat...

7.5CVSS7.9AI score0.01031EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2023/04/10 12:0 p.m.46 views

CVE-2015-10099

CVE-2015-10099 affects CP Appointment Calendar Plugin (WordPress) up to version 1.1.5. The issue is an SQL injection in the dex_process_ready_to_go_appointment function within dex_appointments.php, caused by improper handling of the itemnumber argument. The vulnerability can be triggered remotely...

9.8CVSS8.4AI score0.01031EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder