Lucene search
K

28 matches found

EUVD
EUVD
added 2026/06/17 6:35 p.m.8 views

EUVD-2026-37656

Subscriber Arbitrary File Download in Woocommerce Book Price = 1.3 versions...

7.5CVSS5.2AI score0.00467EPSS
Exploits0References2
CVE
CVE
added 2025/11/11 11:3 a.m.17 views

CVE-2025-12788

CVE-2025-12788 concerns the Hydra Booking — Appointment Scheduling & Booking Calendar WordPress plugin. The vulnerability affects all versions up to 1.1.27 and stems from missing server-side verification of payment status inside the tfhb_meeting_paypal_payment_confirmation_callback function; the ...

5.3CVSS5.5AI score0.00291EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-51885

Malicious code in bioql PyPI...

8.8CVSS9.1AI score0.00256EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:5 a.m.6 views

CVE-2024-31117

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Moises Heberle WooCommerce Bookings Calendar.This issue affects WooCommerce Bookings Calendar: from n/a through 1.0.36...

6.5CVSS8.6AI score0.0034EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:15 a.m.7 views

CVE-2023-47787

Cross-Site Request Forgery CSRF vulnerability in WooCommerce WooCommerce Bookings.This issue affects WooCommerce Bookings: from n/a through 2.0.3...

8.8CVSS8.5AI score0.00256EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:10 a.m.6 views

CVE-2023-32747

Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Bookings.This issue affects WooCommerce Bookings: from n/a through 1.15.78...

7.5CVSS7.8AI score0.00449EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/04/04 12:0 a.m.14 views

WooCommerce Bookings Calendar <= 1.0.36 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The WooCommerce Bookings Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0.36 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access an...

6.5CVSS5.8AI score0.0034EPSS
Exploits0References1
NVD
NVD
added 2024/03/31 7:15 p.m.10 views

CVE-2024-31117

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Moises Heberle WooCommerce Bookings Calendar.This issue affects WooCommerce Bookings Calendar: from n/a through 1.0.36...

6.5CVSS6.5AI score0.0034EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/31 6:51 p.m.12 views

CVE-2024-31117 WordPress WooCommerce Bookings Calendar plugin <= 1.0.36 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Moises Heberle WooCommerce Bookings Calendar.This issue affects WooCommerce Bookings Calendar: from n/a through 1.0.36...

6.5CVSS6.9AI score0.0034EPSS
Exploits0References1
CVE
CVE
added 2024/03/31 6:51 p.m.53 views

CVE-2024-31117

CVE-2024-31117 is an HTML/JavaScript input handling vulnerability (Cross-site Scripting) in the WordPress plugin WooCommerce Bookings Calendar by Moises Heberle. The description (from Red Hat and the CVE entry) states this is an improper neutralization of input during web page generation, enablin...

6.5CVSS8.6AI score0.0034EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/31 12:0 a.m.4 views

WordPress Plugin WooCommerce Bookings Calendar 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.5CVSS7.6AI score0.0034EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/03/29 12:38 p.m.4 views

WordPress WooCommerce Bookings Calendar plugin <= 1.0.36 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin WooCommerce Bookings Calendar versions = 1.0.36...

6.5CVSS7.1AI score0.0034EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/03/29 12:0 a.m.9 views

WordPress WooCommerce Bookings Calendar Plugin <= 1.0.36 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Bookings Calendar Type Plugin Vulnerable versions = 1.0.36 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31117 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3cfa3dbb3e01 Credits LVT-tholv2k Required...

6.5CVSS6.6AI score0.0034EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/12/21 7:15 p.m.2 views

CVE-2023-32747

Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Bookings.This issue affects WooCommerce Bookings: from n/a through 1.15.78...

7.5CVSS7.3AI score0.00449EPSS
Exploits0References1
NVD
NVD
added 2023/12/21 7:15 p.m.19 views

CVE-2023-32747

Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Bookings.This issue affects WooCommerce Bookings: from n/a through 1.15.78...

7.5CVSS0.00449EPSS
Exploits0References1
Prion
Prion
added 2023/12/21 7:15 p.m.18 views

Authorization

Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Bookings.This issue affects WooCommerce Bookings: from n/a through 1.15.78...

5CVSS7.2AI score0.00449EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/21 6:18 p.m.26 views

CVE-2023-32747 WordPress WooCommerce Bookings Plugin <= 1.15.78 is vulnerable to Insecure Direct Object References (IDOR)

Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Bookings.This issue affects WooCommerce Bookings: from n/a through 1.15.78...

5.4CVSS7.8AI score0.00449EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/12/21 6:18 p.m.7 views

CVE-2023-32747 WordPress WooCommerce Bookings Plugin <= 1.15.78 is vulnerable to Insecure Direct Object References (IDOR)

Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Bookings.This issue affects WooCommerce Bookings: from n/a through 1.15.78...

5.4CVSS6.9AI score0.00449EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/12/21 12:0 a.m.6 views

WordPress plugin WooCommerce Bookings security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.5CVSS6.7AI score0.00449EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/21 12:0 a.m.6 views

PT-2023-23995 · Unknown · Woocommerce Bookings

Name of the Vulnerable Software and Affected Versions: WooCommerce Bookings versions 1.15.78 and earlier Description: The issue is related to an Authorization Bypass Through User-Controlled Key vulnerability. This allows for potential unauthorized access. Recommendations: For versions 1.15.78 and...

7.5CVSS7.7AI score0.00449EPSS
Exploits0References3
Rows per page
Query Builder