11 matches found
EUVD-2024-49171
Malicious code in bioql PyPI...
WordPress Webba Booking Plugin <= 6.0.5 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by greenhats in WordPress Plugin Webba Booking versions = 6.0.5...
CVE-2025-54036 WordPress Webba Booking plugin <= 5.1.20 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Webba Appointment Booking Webba Booking webba-booking-lite allows Cross Site Request Forgery.This issue affects Webba Booking: from n/a through = 5.1.20...
CVE-2024-8432
CVE-2024-8432 applies to the Appointment & Event Booking Calendar Plugin – Webba Booking for WordPress. Vulnerability: missing capability check in save_appearance() allows authenticated users with Subscriber level access and above to modify the booking form CSS, affecting all versions up to 5.0.4...
PT-2023-31788 · Webbaplugins · Webba Booking
Name of the Vulnerable Software and Affected Versions: Appointment & Event Booking Calendar Plugin – Webba Booking versions 4.5.33 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the WebbaPlugins Appointment & Event Booking Calendar Plugin – Webba Booking. This allows an...
WordPress Webba Booking Plugin < 4.5.31 is vulnerable to Cross Site Scripting (XSS)
Software Webba Booking Type Plugin Vulnerable versions 4.5.31 Fixed in 4.5.31 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Webba Plugins PSID 1c913074f660 Credits Rafie Muhammad Patchstack Required...
CVE-2021-36847
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in WebbaPlugins Webba Booking plugin = 4.2.21 at WordPress...
CVE-2021-36847
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in WebbaPlugins Webba Booking plugin = 4.2.21 at WordPress...
Cross site scripting
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in WebbaPlugins Webba Booking plugin = 4.2.21 at WordPress...
CVE-2021-36847 WordPress Webba Booking plugin <= 4.2.21 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in WebbaPlugins Webba Booking plugin = 4.2.21 at WordPress...
CVE-2021-36847
The CVE pertains to an Authenticated Stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Webba Booking (WebbaPlugins) versions