Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:1 p.m.6 views

CVE-2026-1708

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to blind SQL Injection in all versions up to, and including, 1.6.9.27. This is due to the dbwhereconditions method in the TDDBModel class failing to prevent the appendwheresql paramet...

7.5CVSS6AI score0.00406EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/11 9:31 a.m.6 views

EUVD-2026-11117

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to blind SQL Injection in all versions up to, and including, 1.6.9.27. This is due to the dbwhereconditions method in the TDDBModel class failing to prevent the appendwheresql paramet...

7.5CVSS6AI score0.00406EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/03/11 7:36 a.m.5 views

CVE-2026-1708

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to blind SQL Injection in all versions up to, and including, 1.6.9.27. This is due to the dbwhereconditions method in the TDDBModel class failing to prevent the appendwheresql paramet...

7.5CVSS6AI score0.00406EPSS
Exploits0References11
Vulnrichment
Vulnrichment
added 2026/03/11 7:36 a.m.5 views

CVE-2026-1708 Appointment Booking Calendar <= 1.6.9.27 - Unauthenticated SQL Injection via 'append_where_sql' Parameter

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to blind SQL Injection in all versions up to, and including, 1.6.9.27. This is due to the dbwhereconditions method in the TDDBModel class failing to prevent the appendwheresql paramet...

7.5CVSS6AI score0.00406EPSS
Exploits0References10
CVE
CVE
added 2026/03/11 7:36 a.m.13 views

CVE-2026-1708

The CVE-2026-1708 entry concerns the WordPress plugin “Appointment Booking Calendar — Simply Schedule Appointments” vulnerable to blind SQL injection in all versions up to 1.6.9.27. The root cause is in TD_DB_Model’s db_where_conditions, which fails to sanitize the append_where_sql parameter pass...

7.5CVSS6AI score0.00406EPSS
Exploits0References10
EUVD
EUVD
added 2025/12/30 11:6 p.m.11 views

EUVD-2025-205801

RustFS has a gRPC Hardcoded Token Authentication Bypass...

9.8CVSS6.5AI score0.2903EPSS
Exploits3References3
Rows per page
Query Builder