Lucene search
K

244 matches found

NVD
NVD
added 2025/01/24 6:15 p.m.37 views

CVE-2025-24672

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in codepeople Form Builder CP cp-easy-form-builder allows SQL Injection.This issue affects Form Builder CP: from n/a through = 1.2.41...

8.5CVSS0.00448EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/24 5:25 p.m.10 views

CVE-2025-24723 WordPress Booking Calendar Contact Form Plugin <= 1.2.55 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodePeople Booking Calendar Contact Form allows Stored XSS. This issue affects Booking Calendar Contact Form: from n/a through 1.2.55...

5.9CVSS6.6AI score0.00301EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/24 5:25 p.m.17 views

CVE-2025-24723 WordPress Booking Calendar Contact Form Plugin <= 1.2.55 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codepeople Booking Calendar Contact Form booking-calendar-contact-form allows Stored XSS.This issue affects Booking Calendar Contact Form: from n/a through = 1.2.55...

5.9CVSS0.00301EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/24 5:24 p.m.39 views

CVE-2025-24672 WordPress Form Builder CP Plugin <= 1.2.41 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in codepeople Form Builder CP cp-easy-form-builder allows SQL Injection.This issue affects Form Builder CP: from n/a through = 1.2.41...

8.5CVSS0.00448EPSS
Exploits0References1
CVE
CVE
added 2025/01/24 5:24 p.m.47 views

CVE-2025-24672

CVE-2025-24672: SQL Injection in WordPress Form Builder CP plugin (Form Builder CP) affecting versions n/a through 1.2.41. The vulnerability originates from improper neutralization of input in SQL commands, enabling injection. CVSSv3.1 base score 8.5 (High) with network attack vector, low attack ...

8.5CVSS7.3AI score0.00448EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/24 12:0 a.m.3 views

PT-2025-5492 · Codepeople · Codepeople Form Builder Cp

Name of the Vulnerable Software and Affected Versions: CodePeople Form Builder CP versions n/a through 1.2.41 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...

8.5CVSS8.5AI score0.00448EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/01/24 12:0 a.m.6 views

PT-2025-5537 · Codepeople · Codepeople Booking Calendar Contact Form

Name of the Vulnerable Software and Affected Versions: CodePeople Booking Calendar Contact Form versions 1.2.55 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means tha...

5.9CVSS5.8AI score0.00301EPSS
Exploits0References5
CVE
CVE
added 2025/01/02 11:59 a.m.37 views

CVE-2023-45649

CVE-2023-45649 affects the WordPress Appointment Hour Booking plugin up to version 1.4.23. The root cause is missing authorization / broken access control, enabling unauthenticated users to exploit misconfigured access levels. The CVSSv3.1 base score is 5.3 (Medium) with impact limited to integri...

5.3CVSS5.8AI score0.00358EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/02 12:0 a.m.6 views

PT-2025-1494 · Codepeople · Codepeople Appointment Hour Booking

Name of the Vulnerable Software and Affected Versions: CodePeople Appointment Hour Booking versions prior to 1.4.23 Description: The issue is related to a missing authorization vulnerability in CodePeople Appointment Hour Booking, which allows the exploitation of incorrectly configured access...

5.3CVSS7.2AI score0.00358EPSS
Exploits0References4
OSV
OSV
added 2024/12/11 7:22 a.m.6 views

BIT-WORDPRESS-2023-23814

Missing Authorization vulnerability in CodePeople CP Multi View Event Calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CP Multi View Event Calendar : from n/a through 1.4.13...

3.8CVSS4.1AI score0.00449EPSS
Exploits0References1
OSV
OSV
added 2024/12/09 1:15 p.m.3 views

CVE-2023-23895

Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Time Slots Booking Form: from n/a through 1.1.82...

7.2CVSS5.8AI score0.00691EPSS
Exploits0References1
NVD
NVD
added 2024/12/09 1:15 p.m.23 views

CVE-2023-23895

Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Time Slots Booking Form: from n/a through 1.1.82...

7.2CVSS0.00691EPSS
Exploits0References1
NVD
NVD
added 2024/12/09 1:15 p.m.51 views

CVE-2023-23814

Missing Authorization vulnerability in CodePeople CP Multi View Event Calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CP Multi View Event Calendar : from n/a through 1.4.13...

3.8CVSS0.00449EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/09 11:31 a.m.9 views

CVE-2023-23814 WordPress Calendar Event Multi View plugin <= 1.4.13 - Broken Access Control vulnerability

Missing Authorization vulnerability in codepeople CP Multi View Event Calendar cp-multi-view-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CP Multi View Event Calendar : from n/a through = 1.4.13...

3.8CVSS7.3AI score0.00449EPSS
Exploits0References1
CVE
CVE
added 2024/12/09 11:31 a.m.43 views

CVE-2023-23814

CVE-2023-23814 affects WordPress CP Multi View Event Calendar plugin (

3.8CVSS8.5AI score0.00449EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/09 11:31 a.m.18 views

CVE-2023-23895 WordPress WP Time Slots Booking Form plugin <= 1.1.82 - Broken Access Control vulnerability

Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Time Slots Booking Form: from n/a through 1.1.82...

4.7CVSS0.00691EPSS
Exploits0References1
CVE
CVE
added 2024/12/09 11:31 a.m.58 views

CVE-2023-23895

The CVE-2023-23895 entry describes a Missing Authorization vulnerability in CodePeople WordPress Time Slots Booking Form (plugin) version 1.1.82 and earlier, caused by Broken Access Control / incorrectly configured access levels. Affected software: WP Time Slots Booking Form plugin for WordPress (

7.2CVSS5.1AI score0.00691EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/12/09 11:31 a.m.22 views

CVE-2023-23895 WordPress WP Time Slots Booking Form plugin <= 1.1.82 - Broken Access Control vulnerability

Missing Authorization vulnerability in codepeople WP Time Slots Booking Form wp-time-slots-booking-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Time Slots Booking Form: from n/a through = 1.1.82...

4.7CVSS5.8AI score0.00691EPSS
Exploits0References1
CVE
CVE
added 2024/12/09 11:31 a.m.42 views

CVE-2023-25037

CVE-2023-25037 affects WordPress Booking Calendar Contact Form plugin versions

4.3CVSS8AI score0.00541EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/09 11:31 a.m.10 views

CVE-2023-25037 WordPress Booking Calendar Contact Form plugin <= 1.2.34 - Broken Access Control vulnerability

Missing Authorization vulnerability in codepeople Booking Calendar Contact Form booking-calendar-contact-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking Calendar Contact Form: from n/a through = 1.2.34...

4.3CVSS7.3AI score0.00541EPSS
Exploits0References1
Rows per page
Query Builder