80 matches found
WordPress Bookly plugin <= 27.4 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Tiago Ventura @perses in WordPress Plugin Bookly versions = 27.4...
CVE-2026-2519
The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to price manipulation via the 'tips' parameter in all versions up to, and including, 27.0. This is due to the plugin trusting a user-supplied input without server-side validation against the configure...
WordPress Online Scheduling and Appointment Booking System - Bookly plugin <= 27.0 - Unauthenticated Price Manipulation via 'tips' vulnerability
WordPress Online Scheduling and Appointment Booking System - Bookly plugin = 27.0 - Unauthenticated Price Manipulation via 'tips' vulnerability discovered by Youssef Elouaer in WordPress Plugin Bookly versions = 27.0...
CVE-2026-2519
The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to price manipulation via the 'tips' parameter in all versions up to, and including, 27.0. This is due to the plugin trusting a user-supplied input without server-side validation against the configure...
CVE-2026-2519
CVE-2026-2519 : The Bookly plugin for WordPress (Online Scheduling and Appointment Booking System) up to version 27.0 is vulnerable to price manipulation via the 'tips' parameter. The vendor trusts user input without server-side validation against the configured price, enabling unauthenticated at...
CVE-2026-2519 Online Scheduling and Appointment Booking System – Bookly <= 27.0 - Unauthenticated Price Manipulation via 'tips'
The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to price manipulation via the 'tips' parameter in all versions up to, and including, 27.0. This is due to the plugin trusting a user-supplied input without server-side validation against the configure...
CVE-2026-2519
The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to price manipulation via the 'tips' parameter in all versions up to, and including, 27.0. This is due to the plugin trusting a user-supplied input without server-side validation against the configure...
WordPress plugin Bookly 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-31608
The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to price manipulation via the 'tips' parameter in all versions up to, and including, 27.0. This is due to the plugin trusting a user-supplied input without server-side validation against the configure...
CVE-2026-32540
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bookly Bookly bookly-responsive-appointment-booking-tool allows Reflected XSS.This issue affects Bookly: from n/a through = 26.7...
EUVD-2026-15915
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bookly Bookly bookly-responsive-appointment-booking-tool allows Reflected XSS.This issue affects Bookly: from n/a through = 26.7...
CVE-2026-32540
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bookly Bookly bookly-responsive-appointment-booking-tool allows Reflected XSS.This issue affects Bookly: from n/a through = 26.7...
CVE-2026-32540 WordPress Bookly plugin <= 26.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bookly Bookly bookly-responsive-appointment-booking-tool allows Reflected XSS.This issue affects Bookly: from n/a through = 26.7...
CVE-2026-32540
CVE-2026-32540 is a reflected XSS in Bookly’s WordPress plugin (bookly-responsive-appointment-booking-tool) affecting versions up to and including 26.7. Root cause: improper input neutralization during web page generation. Exploitation details are not fully provided in the initial document, but t...
CVE-2026-32540
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bookly Bookly bookly-responsive-appointment-booking-tool allows Reflected XSS.This issue affects Bookly: from n/a through = 26.7...
CVE-2026-32540 WordPress Bookly plugin <= 26.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bookly Bookly bookly-responsive-appointment-booking-tool allows Reflected XSS.This issue affects Bookly: from n/a through = 26.7...
PT-2026-28054
Name of the Vulnerable Software and Affected Versions Bookly versions through 26.7 Description The Bookly bookly-responsive-appointment-booking-tool contains a flaw due to improper neutralization of input during web page generation, which allows for Reflected Cross-site Scripting XSS. This issue...
WordPress plugin Bookly 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
WordPress Bookly plugin <= 26.7 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by ickogz in WordPress Plugin Bookly versions = 26.7...
CVE-2018-6891
Bookly 1 WordPress Booking Plugin Lite before 14.5 has XSS via a jQuery.ajax request to ng-paymentdetailsdialog.js...