244 matches found
CVE-2020-14092
Summary: CVE-2020-14092 affects the WordPress plugin “CodePeople Payment Form for PayPal Pro” up to version 1.1.65. The vulnerability is an SQL injection via the vulnerable plugin’s query parameter, allowing unauthenticated attackers to execute arbitrary SQL and have results output in JSON. The C...
WordPress Appointment Booking Calendar 1.3.34 CSV Injection
Exploit Title: Wordpress Plugin Appointment Booking Calendar 1.3.34 - CSV Injection Google Dork: N/A Date: 2020-03-05 Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://www.codepeople.net/ Software Link: https://downloads.wordpress.org/plugin/appointment-booking-calendar.zip Version:...
WordPress Booking Calendar Contact Form 1.1.24 Plugin - Multiple Vulnerabilities
Exploit for php platform in category web applications Exploit Title: WordPress appointment-booking-calendar =1.1.24 - Privilege escalation Managing calendars & Persistent XSS Date: 2016-01-28 Google Dork: Index of /wordpress/wp-content/plugins/appointment-booking-calendar/ Exploit Author: Joaquin...
WordPress Plugin Booking Calendar Contact Form 1.1.23 - Shortcode SQL Injection
Exploit Title: WordPress appointment-booking-calendar =1.1.23 - Shortcode SQL injection Date: 2016-01-24 Google Dork: Index of /wordpress/wp-content/plugins/appointment-booking-calendar/ Exploit Author: Joaquin Ramirez Martinez i0 security-lab Software Link:...