Lucene search
K

67 matches found

Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.5 views

PT-2026-23139

Name of the Vulnerable Software and Affected Versions Roland Murg WP Booking System versions through 2.0.19.12 Description The Roland Murg WP Booking System contains a flaw that allows retrieval of embedded sensitive data due to insertion of sensitive information into sent data. Recommendations...

5.8AI score0.00316EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2017-11351

Malware in sbrugna...

6.1CVSS6.3AI score0.01379EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-11973

Malware in sbrugna...

5.4CVSS5.4AI score0.00675EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-44855

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00423EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-51528

Malicious code in bioql PyPI...

6.4CVSS8.7AI score0.00374EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-53681

Malicious code in bioql PyPI...

4.3CVSS9.1AI score0.00397EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-56232

Malicious code in bioql PyPI...

6.5CVSS5.7AI score0.00328EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-47916

Malicious code in bioql PyPI...

6.4CVSS6.5AI score0.00323EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 7:34 a.m.4 views

CVE-2024-13323

The WP Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'booking' shortcode in all versions up to, and including, 10.9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.8AI score0.00374EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:20 a.m.13 views

CVE-2024-8797

The WP Booking System – Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 2.0.19.8. This makes it possible for unauthenticated attackers...

6.1CVSS6.4AI score0.00475EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:19 a.m.14 views

CVE-2024-8274

The WP Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via several parameters from 'timelineobj' in all versions up to, and including, 10.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

6.1CVSS6.4AI score0.00469EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:24 a.m.15 views

CVE-2024-10027

The WP Booking Calendar WordPress plugin before 10.6.3 does not sanitise and escape some of its Widgets settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setu...

4.8CVSS5.7AI score0.00342EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:18 a.m.7 views

CVE-2024-50425

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Roland Murg WP Booking System wp-booking-system.This issue affects WP Booking System: from n/a through = 2.0.19.10...

6.5CVSS5.9AI score0.00423EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:59 a.m.6 views

CVE-2023-51520

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPdevelop / Oplugins WP Booking Calendar allows Stored XSS.This issue affects WP Booking Calendar: from n/a before 9.7.4...

6.5CVSS5.7AI score0.00328EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:15 a.m.4 views

CVE-2023-49758

Missing Authorization vulnerability in Roland Murg WP Booking System wp-booking-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Booking System: from n/a through = 2.0.19.2...

4.3CVSS7.3AI score0.00397EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:24 p.m.7 views

CVE-2021-25061

The WP Booking System WordPress plugin before 2.0.15 was affected by a reflected xss in wp-booking-system on the wpbs-calendars admin page...

5.4CVSS6.7AI score0.00675EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/19 12:59 p.m.15 views

CVE-2025-4669

The WP Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpbc shortcode in all versions up to, and including, 10.11.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.9AI score0.0031EPSS
Exploits0References1
NVD
NVD
added 2025/05/17 12:15 p.m.18 views

CVE-2025-4669

The WP Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpbc shortcode in all versions up to, and including, 10.11.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS0.0031EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/05/17 12:0 a.m.7 views

PT-2025-21789 · WordPress · Wp Booking Calendar

Name of the Vulnerable Software and Affected Versions: WP Booking Calendar plugin for WordPress versions up to, and including, 10.11.1 Description: The issue is related to Stored Cross-Site Scripting via the plugin's wpbc shortcode due to insufficient input sanitization and output escaping on...

6.4CVSS6.2AI score0.0031EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2025/02/14 8:57 a.m.15 views

CVE-2024-13821

The WP Booking Calendar plugin for WordPress is vulnerable to Unauthenticated Post-Confirmation Booking Manipulation in all versions up to, and including, 10.10. This is due to the plugin not properly requiring re-verification after a booking has been made and a change is being attempted. This...

5.3CVSS9.5AI score0.00377EPSS
Exploits0References1
Rows per page
Query Builder