204 matches found
KiviCare Clinic & Patient Management System (EHR) <= 3.6.4 - SQL Injection
The KiviCare Clinic & Patient Management System EHR plugin for WordPress is vulnerable to SQL Injection via the 'visittypeserviceid' parameter of the taxcalculateddata AJAX action in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter and lack of...
WordPress KiviCare <2.3.9 - SQL Injection
WordPress KiviCare plugin before 2.3.9 contains a SQL injection vulnerability. The plugin does not sanitize and escape some parameters before using them in SQL statements via the ajaxpost AJAX action with the getdoctordetails route. An attacker can possibly obtain sensitive information, modify...
KiviCare WordPress Plugin - Cross-Site Scripting
The KiviCare WordPress plugin before 3.2.1 does not sanitise and escape the 'filterType' parameter, leading to Reflected Cross-Site Scripting. id: CVE-2023-2624 info: name: KiviCare WordPress Plugin - Cross-Site Scripting author: ritikchaddha severity: medium description: | The KiviCare WordPress...
EUVD-2026-36995
Subscriber Insecure Direct Object References IDOR in KiviCare = 4.2.1 versions...
CVE-2026-40792
Subscriber Insecure Direct Object References IDOR in KiviCare = 4.2.1 versions...
CVE-2026-40792 WordPress KiviCare plugin <= 4.2.1 - Insecure Direct Object References (IDOR) vulnerability
Subscriber Insecure Direct Object References IDOR in KiviCare = 4.2.1 versions...
CVE-2026-40792
The vulnerability concerns the WordPress KiviCare plugin (versions
CVE-2026-40792 WordPress KiviCare plugin <= 4.2.1 - Insecure Direct Object References (IDOR) vulnerability
Subscriber Insecure Direct Object References IDOR in KiviCare = 4.2.1 versions...
PT-2026-49429
Subscriber Insecure Direct Object References IDOR in KiviCare = 4.2.1 versions...
CVE-2026-42735
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Password Recovery Exploitation.This issue affects KiviCare: from n/a through = 4.3.0...
CVE-2026-42735
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Password Recovery Exploitation.This issue affects KiviCare: from n/a through = 4.3.0...
CVE-2026-42735 WordPress KiviCare plugin <= 4.3.0 - Broken Authentication vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Password Recovery Exploitation.This issue affects KiviCare: from n/a through = 4.3.0...
CVE-2026-42735
The CVE concerns the WordPress KiviCare plugin by Iqonic Design (affected: KiviCare kivicare-clinic-management-system, plugin version
CVE-2026-42735 WordPress KiviCare plugin <= 4.3.0 - Broken Authentication vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Password Recovery Exploitation.This issue affects KiviCare: from n/a through = 4.3.0...
EUVD-2026-32187
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Password Recovery Exploitation.This issue affects KiviCare: from n/a through = 4.3.0...
CVE-2026-42735
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Password Recovery Exploitation.This issue affects KiviCare: from n/a through = 4.3.0...
PT-2026-43647
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Password Recovery Exploitation.This issue affects KiviCare: from n/a through = 4.3.0...
WordPress plugin KiviCare 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
WordPress KiviCare plugin <= 4.3.0 - Broken Authentication vulnerability
Broken Authentication vulnerability discovered by kai63001 in WordPress Plugin KiviCare versions = 4.3.0...
WordPress KiviCare plugin <= 4.2.1 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by Jakub Herman in WordPress Plugin KiviCare versions = 4.2.1...