518 matches found

CVE
added 2023/08/24 11:15 a.m. · 48 views

CVE-2023-32511

CVE-2023-32511 refers to an unauthenticated, reflected Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Booking Ultra Pro – Appointments Booking Calendar Plugin, affecting versions

7.1 CVSS · 6 AI score · 0.00379 EPSS
Exploits 0 · References 1 · Affected Software 1
CNNVD
added 2023/08/24 12:0 a.m. · 3 views

WordPress plugin Booking Ultra Pro Appointments Booking Calendar Plugin Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

7.1 CVSS · 6.8 AI score · 0.00379 EPSS
Exploits 0 · References 2
Positive Technologies
added 2023/08/24 12:0 a.m. · 3 views

PT-2023-23844 · WordPress · Booking Ultra Pro Appointments Booking Calendar Plugin

Name of the Vulnerable Software and Affected Versions: Booking Ultra Pro Appointments Booking Calendar Plugin plugin versions = 1.1.8 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This vulnerability allows for reflected cross-site scripting...

7.1 CVSS · 6.2 AI score · 0.00379 EPSS
Exploits 0 · References 4
NVD
added 2023/08/23 2:15 p.m. · 10 views

CVE-2023-32236

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Booking Ultra Pro Booking Ultra Pro Appointments Booking Calendar Plugin = 1.1.8 versions...

7.1 CVSS · 6.3 AI score · 0.00379 EPSS
Exploits 0 · References 1
CVE
added 2023/08/23 1:4 p.m. · 40 views

CVE-2023-32236

CVE-2023-32236 affects Booking Ultra Pro Appointments Booking Calendar Plugin for WordPress, with unauthenticated reflected XSS in versions

7.1 CVSS · 6 AI score · 0.00379 EPSS
Exploits 0 · References 1 · Affected Software 1
CNNVD
added 2023/08/23 12:0 a.m. · 2 views

WordPress Plugin Booking Ultra Pro Appointments Booking Calendar Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...

7.1 CVSS · 6.8 AI score · 0.00379 EPSS
Exploits 0 · References 2
Patchstack
added 2023/08/10 12:0 a.m. · 14 views

WordPress Easy!Appointments Plugin <= 1.3.3 is vulnerable to Arbitrary File Deletion

Software: Easy!Appointments; Type: Plugin; Vulnerable versions: <= 1.3.3; Fixed in: 1.4.0; OWASP Top 10: A5: Broken Access Control; Classification: Arbitrary File Deletion; CVE: CVE-2023-32295; Patch priority: High; CVSS severity: High 6.3; Developer Claim ownership; PSID: 8a50196a1675; Credits: Jonas Höbenreich; Requir...

6.3 CVSS · 6.8 AI score · 0.00403 EPSS
Exploits 0 · References 2 · Affected Software 1
BDU FSTEC
added 2023/07/25 12:0 a.m. · 2 views

The vulnerability of the Easy!Appointments web application is related to lack of access control, allowing an attacker to gain unauthorized access to limited functions.

The vulnerability of the Easy!Appointments web application is related to lack of access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to limited functions of the application...

6.5 CVSS · 5.9 AI score · 0.00374 EPSS
Exploits 1 · References 6 · Affected Software 1
OSV
added 2023/07/17 4:15 p.m. · 2 views

CVE-2022-36424

Cross-Site Request Forgery (CSRF) vulnerability in Nikola Loncar Easy Appointments plugin <= 3.11.9 versions...

8.8 CVSS · 5.8 AI score · 0.00256 EPSS
Exploits 0 · References 1
NVD
added 2023/07/17 4:15 p.m. · 14 views

CVE-2022-36424

Cross-Site Request Forgery (CSRF) vulnerability in Nikola Loncar Easy Appointments plugin <= 3.11.9 versions...

8.8 CVSS · 0.00256 EPSS
Exploits 0 · References 1
Prion
added 2023/07/17 4:15 p.m. · 12 views

Cross site request forgery (csrf)

Cross-Site Request Forgery (CSRF) vulnerability in Nikola Loncar Easy Appointments plugin <= 3.11.9 versions...

6.8 CVSS · 8.7 AI score · 0.00256 EPSS
Exploits 0 · References 1 · Affected Software 1
Vulnrichment
added 2023/07/17 3:12 p.m. · 15 views

CVE-2022-36424 WordPress Easy Appointments Plugin <= 3.11.9 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in Nikola Loncar Easy Appointments plugin <= 3.11.9 versions...

4.3 CVSS · 7.1 AI score · 0.00256 EPSS
Exploits 0 · References 1
Cvelist
added 2023/07/17 3:12 p.m. · 17 views

CVE-2022-36424 WordPress Easy Appointments Plugin <= 3.11.9 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in Nikola Loncar Easy Appointments plugin <= 3.11.9 versions...

4.3 CVSS · 9 AI score · 0.00256 EPSS
Exploits 0 · References 1
CVE
added 2023/07/17 3:12 p.m. · 41 views

CVE-2022-36424

CVE-2022-36424 documents a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Easy Appointments, affecting versions up to and including 3.11.9. The issue, caused by insufficient CSRF protection for multiple AJAX actions, could allow an attacker to trigger unintended actions o...

8.8 CVSS · 6.5 AI score · 0.00256 EPSS
Exploits 0 · References 1 · Affected Software 1
OSV
added 2023/07/17 9:30 a.m. · 12 views

GHSA-8C6Q-26W6-QWHG Easy!Appointments Improper Access Control vulnerability

Easy!Appointments 1.4.3 and prior has an Improper Access Control vulnerability. This issue is patched at commit b37b46019553089db4f22eb2fe998bca84b2cb64 and anticipated to be part of version 1.5.0...

6.3 CVSS · 5.1 AI score · 0.00374 EPSS
Exploits 1 · References 4
GitHub Security Blog
added 2023/07/17 9:30 a.m. · 16 views

Easy!Appointments Improper Access Control vulnerability

Easy!Appointments 1.4.3 and prior has an Improper Access Control vulnerability. This issue is patched at commit b37b46019553089db4f22eb2fe998bca84b2cb64 and anticipated to be part of version 1.5.0...

6.3 CVSS · 6.8 AI score · 0.00374 EPSS
Exploits 1 · References 4 · Affected Software 1
CNNVD
added 2023/07/17 12:0 a.m. · 4 views

WordPress plugin Easy Appointments Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...

8.8 CVSS · 8.1 AI score · 0.00256 EPSS
Exploits 0 · References 2
CNNVD
added 2023/07/17 12:0 a.m. · 3 views

Easy!Appointments Access Control Error Vulnerability

Easy!Appointments is a web-based appointment and schedule management system. An access control error vulnerability exists in versions prior to Easy!Appointments 1.5.0 that stems from the presence of an access control error vulnerability...

6.3 CVSS · 5.5 AI score · 0.00374 EPSS
Exploits 1 · References 3
Positive Technologies
added 2023/07/17 12:0 a.m. · 3 views

PT-2023-13492 · Nikola Loncar · Easyappointments

Name of the Vulnerable Software and Affected Versions: Nikola Loncar Easy Appointments plugin versions prior to 3.11.9 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended...

8.8 CVSS · 8.8 AI score · 0.00256 EPSS
Exploits 0 · References 3
OSV
added 2023/07/10 4:15 p.m. · 2 views

CVE-2023-3077

The MStore API WordPress plugin before 3.9.8 does not sanitise and escape a parameter before using it in a SQL statement, leading to a Blind SQL injection exploitable by unauthenticated users. This is only exploitable if the site owner elected to pay to get access to the plugins' pro features, an...

9.8 CVSS · 7.2 AI score · 0.04873 EPSS
Exploits 2 · References 1