WordPress LatePoint – Calendar Booking Plugin for Appointments and Events plugin <= 5.6.0 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Kirasec in WordPress Plugin LatePoint versions = 5.6.0...

PT-2023-31693 · Unknown · Tms Booking For Appointments/Events Calendar – Amelia

Name of the Vulnerable Software and Affected Versions: TMS Booking for Appointments and Events Calendar – Amelia versions 1.0 through 1.0.85 Description: The issue is related to improper neutralization of input during web page generation, which allows stored cross-site scripting XSS. This means...

PT-2023-23844 · WordPress · Booking Ultra Pro Appointments Booking Calendar Plugin

Name of the Vulnerable Software and Affected Versions: Booking Ultra Pro Appointments Booking Calendar Plugin plugin versions = 1.1.8 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This vulnerability allows for reflected cross-site scripting...

CVE-2023-29427

Unauth. Reflected Cross-Site Scripting XSS vulnerability in TMS Booking for Appointments and Events Calendar – Amelia plugin = 1.0.75 versions...

CVE-2022-46816

Cross-Site Request Forgery CSRF vulnerability in Booking Ultra Pro Appointments Booking Calendar Plugin plugin = 1.1.4 versions...