46 matches found
Course Booking System <= 6.0.6 - SQL Injection
The Course Booking System plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 6.0.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to...
WordPress Course Booking System plugin <= 6.1.5 - Missing Authorization to Unauthenticated Booking Data Export vulnerability
Missing Authorization to Unauthenticated Booking Data Export vulnerability discovered by Powpy in WordPress Plugin Course Booking System versions = 6.1.5...
WordPress Course Booking System plugin Unauthorized Access to Data Vulnerability
The WordPress Course Booking System plugin is a tool designed for course booking that allows users to book courses online, manage scheduling and handle the payment process. An unauthorized access to data vulnerability exists in the WordPress Course Booking System plugin, which can be exploited by...
CVE-2025-12042
The Course Booking System plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in the csv-export.php file in all versions up to, and including, 6.1.5. This makes it possible for unauthenticated attackers to directly access the file and obtain an expo...
EUVD-2025-38359
The Course Booking System plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in the csv-export.php file in all versions up to, and including, 6.1.5. This makes it possible for unauthenticated attackers to directly access the file and obtain an expo...
CVE-2025-12042
The Course Booking System plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in the csv-export.php file in all versions up to, and including, 6.1.5. This makes it possible for unauthenticated attackers to directly access the file and obtain an expo...
CVE-2025-12042 Course Booking System <= 6.1.5 - Missing Authorization to Unauthenticated Booking Data Export
The Course Booking System plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in the csv-export.php file in all versions up to, and including, 6.1.5. This makes it possible for unauthenticated attackers to directly access the file and obtain an expo...
CVE-2025-12042 Course Booking System <= 6.1.5 - Missing Authorization to Unauthenticated Booking Data Export
The Course Booking System plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in the csv-export.php file in all versions up to, and including, 6.1.5. This makes it possible for unauthenticated attackers to directly access the file and obtain an expo...
CVE-2025-12042
The CVE-2025-12042 vulnerability affects the WordPress Course Booking System plugin, specifically due to a missing capability check in csv-export.php. This flaw allows unauthenticated access to export (download) all booking data for all versions up to and including 6.1.5. Public details consisten...
WordPress plugin Course Booking System 安全漏洞
The WordPress Course Booking System plugin is a tool designed for course booking that allows users to book courses online, manage scheduling and handle the payment process. An unauthorized access to data vulnerability exists in the WordPress Course Booking System plugin, which can be exploited by...
PT-2025-45545
Name of the Vulnerable Software and Affected Versions Course Booking System versions prior to 6.1.6 Description The Course Booking System plugin for WordPress has a flaw that allows unauthorized access to data. This is due to a missing capability check in the csv-export.php file. An unauthenticat...
EUVD-2025-9793
Malicious code in bioql PyPI...
EUVD-2025-26889
Malicious code in bioql PyPI...
EUVD-2025-11653
Malicious code in bioql PyPI...
EUVD-2025-2994
Malicious code in bioql PyPI...
CVE-2025-58887
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Course Finder | andré martin - it solutions & research UG Course Booking Platform course-booking-platform allows Stored XSS.This issue affects Course Booking Platform: from n/a through = 1.0.0...
CVE-2025-58887
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Course Finder | andré martin - it solutions & research UG Course Booking Platform course-booking-platform allows Stored XSS.This issue affects Course Booking Platform: from n/a through = 1.0.0...
WordPress Course Booking Platform Plugin <= 1.0.0 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Plugin Course Booking Platform versions = 1.0.0...
CVE-2025-58887 WordPress Course Booking Platform Plugin <= 1.0.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Course Finder | andré martin - it solutions & research UG Course Booking Platform course-booking-platform allows Stored XSS.This issue affects Course Booking Platform: from n/a through = 1.0.0...
CVE-2025-58887
CVE-2025-58887 affects the WordPress Course Booking Platform plugin (versions up to 1.0.0). It is a Stored XSS vulnerability arising from improper input neutralization during web page generation, with a CVSSv3.1 base score of 6.5 (Medium). The vulnerability impacts Course Booking Platform; no pat...