Course Booking System <= 6.0.6 - SQL Injection

The Course Booking System plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 6.0.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to...

WordPress Course Booking System plugin <= 6.1.5 - Missing Authorization to Unauthenticated Booking Data Export vulnerability

Missing Authorization to Unauthenticated Booking Data Export vulnerability discovered by Powpy in WordPress Plugin Course Booking System versions = 6.1.5...

WordPress Course Booking System plugin Unauthorized Access to Data Vulnerability

The WordPress Course Booking System plugin is a tool designed for course booking that allows users to book courses online, manage scheduling and handle the payment process. An unauthorized access to data vulnerability exists in the WordPress Course Booking System plugin, which can be exploited by...

CVE-2025-12042

The Course Booking System plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in the csv-export.php file in all versions up to, and including, 6.1.5. This makes it possible for unauthenticated attackers to directly access the file and obtain an expo...

EUVD-2025-38359

The Course Booking System plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in the csv-export.php file in all versions up to, and including, 6.1.5. This makes it possible for unauthenticated attackers to directly access the file and obtain an expo...

CVE-2025-12042

The Course Booking System plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in the csv-export.php file in all versions up to, and including, 6.1.5. This makes it possible for unauthenticated attackers to directly access the file and obtain an expo...

CVE-2025-12042 Course Booking System <= 6.1.5 - Missing Authorization to Unauthenticated Booking Data Export

The Course Booking System plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in the csv-export.php file in all versions up to, and including, 6.1.5. This makes it possible for unauthenticated attackers to directly access the file and obtain an expo...

CVE-2025-12042 Course Booking System <= 6.1.5 - Missing Authorization to Unauthenticated Booking Data Export

The Course Booking System plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in the csv-export.php file in all versions up to, and including, 6.1.5. This makes it possible for unauthenticated attackers to directly access the file and obtain an expo...

WordPress plugin Course Booking System 安全漏洞

The WordPress Course Booking System plugin is a tool designed for course booking that allows users to book courses online, manage scheduling and handle the payment process. An unauthorized access to data vulnerability exists in the WordPress Course Booking System plugin, which can be exploited by...

PT-2025-45545

Name of the Vulnerable Software and Affected Versions Course Booking System versions prior to 6.1.6 Description The Course Booking System plugin for WordPress has a flaw that allows unauthorized access to data. This is due to a missing capability check in the csv-export.php file. An unauthenticat...

EUVD-2025-2994

Malicious code in bioql PyPI...

EUVD-2025-11653

Malicious code in bioql PyPI...

EUVD-2025-9793

Malicious code in bioql PyPI...

CVE-2025-32508

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ComMotion Course Booking System course-booking-system allows Reflected XSS.This issue affects Course Booking System: from n/a through = 6.1.2...

CVE-2025-32508

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ComMotion Course Booking System course-booking-system allows Reflected XSS.This issue affects Course Booking System: from n/a through = 6.1.2...

CVE-2025-32508

The CVE-2025-32508 entry refers to a Reflected XSS in the ComMotion Course Booking System (Course Booking System plugin) affecting versions from n/a up to 6.0.7. The vulnerability arises from improper input neutralization during web page generation, enabling reflected cross-site scripting. Multip...

CVE-2025-32508 WordPress Course Booking System plugin <= 6.0.7 - Reflected Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ComMotion Course Booking System allows Reflected XSS. This issue affects Course Booking System: from n/a through 6.0.7...

PT-2025-17088 · Unknown · Commotion Course Booking System

Name of the Vulnerable Software and Affected Versions: ComMotion Course Booking System versions n/a through 6.0.7 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an...

WordPress plugin Course Booking System 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

WordPress Course Booking System plugin <= 6.1.2 - Reflected Cross Site Scripting (XSS) Vulnerability

Reflected Cross Site Scripting XSS Vulnerability discovered by LVT-tholv2k in WordPress Plugin Course Booking System versions = 6.1.2...