Lucene search
K

6 matches found

NVD
NVD
added 2024/08/08 4:17 a.m.29 views

CVE-2024-6552

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.2. This is due to the plugin utilizing Symfony and leaving displayerrors on within test files. This makes it possible for unauthenticated...

5.3CVSS0.00439EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/15 12:0 a.m.4 views

WordPress Plugin Booking for Appointments and Events Calendar 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

5.4CVSS6.5AI score0.00197EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/05 9:21 p.m.15 views

CVE-2023-6808 Booking for Appointments and Events Calendar – Amelia <= 1.0.93 - Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.0.93 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...

6.4CVSS6.8AI score0.00523EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/05 12:0 a.m.4 views

WordPress plugin Booking for Appointments and Events Calendar security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

6.4CVSS6AI score0.00523EPSS
Exploits0References4
NVD
NVD
added 2023/12/28 11:15 a.m.17 views

CVE-2023-50860

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TMS Booking for Appointments and Events Calendar – Amelia allows Stored XSS.This issue affects Booking for Appointments and Events Calendar – Amelia: from n/a through 1.0.85...

6.5CVSS0.00325EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/12/28 12:0 a.m.5 views

WordPress Plugin Booking for Appointments and Events Calendar Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

6.5CVSS6AI score0.00325EPSS
Exploits0References2
Rows per page
Query Builder