CVE-2024-47297

CVE-2024-47297 : WordPress CP Polls plugin versions up to 1.0.74 are vulnerable to a reflected XSS due to improper input neutralization during web page generation. The CVSS v3.1 base score is 7.1 (HIGH). Patch information from Patchstack indicates the vulnerability is fixed in CP Polls 1.0.75. Af...

BIT-WORDPRESS-2023-28492

Missing Authorization vulnerability in CodePeople CP Multi View Event Calendar allows Functionality Misuse.This issue affects CP Multi View Event Calendar: from n/a through 1.4.10...

BIT-WORDPRESS-MULTISITE-2023-28492

Missing Authorization vulnerability in CodePeople CP Multi View Event Calendar allows Functionality Misuse.This issue affects CP Multi View Event Calendar: from n/a through 1.4.10...

CVE-2024-35735

Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.2.11...

CVE-2024-35735

Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.2.11...

CVE-2024-35735

CVE-2024-35735 is a Missing Authorization vulnerability in the CodePeople WP Time Slots Booking Form plugin for WordPress, affecting versions up to 1.2.11 (listed as affected from n/a through 1.2.11). The Red Hat vulnerability entry mirrors these details. The connected documents do not provide a ...

CVE-2024-35735 WordPress WP Time Slots Booking Form plugin <= 1.2.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.2.11...

CVE-2024-35735 WordPress WP Time Slots Booking Form plugin <= 1.2.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.2.11...

CVE-2024-33543

Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.2.06...

CVE-2024-33543

Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.2.06...

CVE-2024-33543

CVE-2024-33543 is a Missing Authorization vulnerability in the CodePeople WP Time Slots Booking Form plugin, affecting WordPress WP Time Slots Booking Form versions up to 1.2.06 (vendor: CodePeople). The issue enables unauthorized access due to broken access control as described in the CVE entry....

CVE-2024-33543 WordPress WP Time Slots Booking Form plugin <= 1.2.06 - Broken Access Control vulnerability

Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.2.06...

PT-2024-25310 · Codepeople · Codepeople Wp Time Slots Booking Form

Name of the Vulnerable Software and Affected Versions: CodePeople WP Time Slots Booking Form versions 1.2.06 and earlier Description: The issue is related to a Missing Authorization vulnerability in the CodePeople WP Time Slots Booking Form. This vulnerability may allow unauthorized access...

CVE-2024-35734

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CodePeople WP Time Slots Booking Form allows Stored XSS.This issue affects WP Time Slots Booking Form: from n/a through 1.2.10...

CVE-2024-35734

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CodePeople WP Time Slots Booking Form allows Stored XSS.This issue affects WP Time Slots Booking Form: from n/a through 1.2.10...

CVE-2024-35734 WordPress WP Time Slots Booking Form plugin <= 1.2.10 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CodePeople WP Time Slots Booking Form allows Stored XSS.This issue affects WP Time Slots Booking Form: from n/a through 1.2.10...

CVE-2024-35734 WordPress WP Time Slots Booking Form plugin <= 1.2.10 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CodePeople WP Time Slots Booking Form allows Stored XSS.This issue affects WP Time Slots Booking Form: from n/a through 1.2.10...

PT-2024-26686 · Codepeople · Codepeople Wp Time Slots Booking Form

Name of the Vulnerable Software and Affected Versions: CodePeople WP Time Slots Booking Form versions n/a through 1.2.10 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS, which can ...

WordPress Plugin "Music Store - WordPress eCommerce" vulnerable to SQL injection

Overview WordPress Plugin "Music Store - WordPress eCommerce" provided by CodePeople contains an SQL injection vulnerability CWE-89. Daiki Sato of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

JVN#79213252: WordPress Plugin "Music Store - WordPress eCommerce" vulnerable to SQL injection

WordPress Plugin "Music Store - WordPress eCommerce" provided by CodePeople contains an SQL injection vulnerability CWE-89. Impact A user of the product with the administrator privilege may execute an arbitrary SQL command. Information stored in the database may be obtained or altered by the user...