CVE-2022-4036

The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA bypass in versions up to, and including, 1.3.72. This is due to the use of insufficiently strong hashing algorithm on the CAPTCHA secret that is also displayed to the user via a cookie...

WordPress plugin Appointment Hour Booking 加密问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A weak algorithmic...

PT-2022-25355 · WordPress · Appointment Hour Booking

Name of the Vulnerable Software and Affected Versions: Appointment Hour Booking plugin for WordPress versions up to, and including, 1.3.72 Description: The issue arises from insufficient input sanitization and output escaping, allowing unauthenticated attackers to inject iFrame tags via the email...

PT-2022-25353 · WordPress · Appointment Hour Booking Plugin

Name of the Vulnerable Software and Affected Versions: Appointment Hour Booking Plugin for WordPress versions up to, and including, 1.3.72 Description: The issue allows unauthenticated attackers to embed untrusted input into content during booking creation, which may be exported as a CSV file whe...

WordPress plugin Appointment Hour Booking 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A CSV injection vulnerabili...

PT-2022-25362 · WordPress · Appointment Hour Booking

Name of the Vulnerable Software and Affected Versions: Appointment Hour Booking plugin for WordPress versions up to, and including, 1.3.72 Description: The issue is related to a CAPTCHA bypass due to the use of an insufficiently strong hashing algorithm on the CAPTCHA secret. This secret is also...