CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

RedhatCVE•added 2026/01/23 9:16 p.m.•2 views

CVE-2025-68006

Insertion of Sensitive Information Into Sent Data vulnerability in Deetronix Booking Ultra Pro booking-ultra-pro allows Retrieve Embedded Sensitive Data.This issue affects Booking Ultra Pro: from n/a through = 1.1.23...

6.5CVSS5.4AI score0.00056EPSS

Exploits0References1

Positive Technologies•added 2026/01/22 12:0 a.m.•2 views

PT-2026-4050

Name of the Vulnerable Software and Affected Versions Deetronix Booking Ultra Pro versions through 1.1.23 Description A flaw exists in Deetronix Booking Ultra Pro that allows for the retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. The affected...

5.3AI score0.00056EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-11642

Malicious code in bioql PyPI...

7.1CVSS9.2AI score0.00219EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-5409

Malicious code in bioql PyPI...

7.5CVSS9.2AI score0.00852EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-17198

Malicious code in bioql PyPI...

5.9CVSS6AI score0.0017EPSS

Exploits0References2

Positive Technologies•added 2025/09/03 12:0 a.m.•1 views

PT-2025-35763

Name of the Vulnerable Software and Affected Versions: Deetronix Booking Ultra Pro versions through 1.1.21 Description: This issue allows for Stored Cross-Site Scripting XSS. The vulnerability is due to improper neutralization of input during web page generation. Recommendations: Update Deetronix...

6.5CVSS5.3AI score0.00047EPSS

Exploits0References4

RedhatCVE•added 2025/06/08 1:19 p.m.•6 views

CVE-2025-30637

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Deetronix Booking Ultra Pro booking-ultra-pro allows Stored XSS.This issue affects Booking Ultra Pro: from n/a through = 1.1.20...

5.9CVSS5.9AI score0.0017EPSS

Exploits0References1

NVD•added 2025/06/06 1:15 p.m.•6 views

CVE-2025-30637

5.9CVSS0.0017EPSS

Exploits0References1

CVE•added 2025/06/06 12:54 p.m.•36 views

CVE-2025-30637

CVE-2025-30637 affects Booking Ultra Pro (Booking Ultra Pro Appointments Booking Calendar Plugin). Description: Stored cross-site scripting due to improper neutralization of input during web page generation. Affected versions: Booking Ultra Pro from n/a through 1.1.20. Existence of public referen...

5.9CVSS5.9AI score0.0017EPSS

Exploits0References1

Positive Technologies•added 2025/06/06 12:0 a.m.•2 views

PT-2025-24154 · Deetronix · Deetronix Booking Ultra Pro

Name of the Vulnerable Software and Affected Versions: Deetronix Booking Ultra Pro versions 1.1.20 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker...

5.9CVSS5.4AI score0.0017EPSS

Exploits0References3

RedhatCVE•added 2025/04/25 4:44 p.m.•5 views

CVE-2025-27345

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Deetronix Booking Ultra Pro booking-ultra-pro allows Reflected XSS.This issue affects Booking Ultra Pro: from n/a through = 1.1.19...

7.1CVSS7.2AI score0.00219EPSS

Exploits0References1

NVD•added 2025/04/17 4:15 p.m.•3 views

CVE-2025-27345

7.1CVSS0.00219EPSS

Exploits0References1

CVE•added 2025/04/17 3:47 p.m.•39 views

CVE-2025-27345

CVE-2025-27345 is a Reflected XSS in the Deetronix Booking Ultra Pro WordPress plugin, affecting Booking Ultra Pro ≤ 1.1.19. Remediation per PT-2025-17075 is to update to a version later than 1.1.19; no exploitation details are provided in the connected documents.

7.1CVSS7.2AI score0.00219EPSS

Exploits0References1

Positive Technologies•added 2025/04/17 12:0 a.m.•2 views

PT-2025-17075 · Deetronix · Deetronix Booking Ultra Pro

Name of the Vulnerable Software and Affected Versions: Deetronix Booking Ultra Pro versions 1.1.19 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an...

7.1CVSS9.1AI score0.00219EPSS

Exploits0References4

RedhatCVE•added 2025/02/27 2:26 p.m.•2 views

CVE-2025-26957

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Deetronix Affiliate Coupons affiliate-coupons allows PHP Local File Inclusion.This issue affects Affiliate Coupons: from n/a through = 1.7.3...

7.5CVSS7.2AI score0.00852EPSS

Exploits0References1

NVD•added 2025/02/25 3:15 p.m.•3 views

CVE-2025-26957

7.5CVSS0.00852EPSS

Exploits0References1

CVE•added 2025/02/25 2:17 p.m.•56 views

CVE-2025-26957

CVE-2025-26957 affects the WordPress plugin Affiliate Coupons (Affiliate Coupons – The #1 Coupon Display Plugin for Affiliate Marketers). Connected data confirms an Authenticated (Contributor+) Local File Inclusion vulnerability in Affiliate Coupons

7.5CVSS7.2AI score0.00852EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by