20 matches found
PT-2026-27946
Name of the Vulnerable Software and Affected Versions wpdevart Booking calendar, Appointment Booking System versions n/a through 3.2.36 Description The software contains a flaw related to improper handling of user-supplied data during web page creation, which could allow for cross-site scripting...
CVE-2025-67574
Missing Authorization vulnerability in wpdevart Booking calendar, Appointment Booking System booking-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking calendar, Appointment Booking System: from n/a through = 3.2.30...
EUVD-2023-28429
Malicious code in bioql PyPI...
EUVD-2022-50190
Malicious code in bioql PyPI...
CVE-2023-24388
Cross-Site Request Forgery CSRF vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin = 3.2.3 versions affects plugin forms actions create, duplicate, edit, delete...
CVE-2022-47438
Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin = 3.2.3 versions...
CVE-2022-47428
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WpDevArt Booking calendar, Appointment Booking System allows SQL Injection.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.7...
CVE-2023-24407
Missing Authorization vulnerability in WpDevArt Booking calendar, Appointment Booking System allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.3...
CVE-2023-24407
Missing Authorization vulnerability in WpDevArt Booking calendar, Appointment Booking System allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.3...
CVE-2023-24407
CVE-2023-24407 affects the WordPress plugin Booking calendar, Appointment Booking System (versions
CVE-2023-24373 WordPress Booking calendar, Appointment Booking System plugin <= 3.2.3 - Bypass vulnerability
External Control of Assumed-Immutable Web Parameter vulnerability in WpDevArt Booking calendar, Appointment Booking System allows Manipulating Hidden Fields.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.3...
PT-2023-15305 · Unknown · Wpdevart Booking Calendar
Name of the Vulnerable Software and Affected Versions: WpDevArt Booking calendar, Appointment Booking System versions 3.2.7 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQ...
CVE-2022-47438
Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin = 3.2.3 versions...
Cross site scripting
Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin = 3.2.3 versions...
CVE-2022-47438 WordPress Booking calendar, Appointment Booking System Plugin <= 3.2.3 is vulnerable to Cross Site Scripting (XSS)
Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin = 3.2.3 versions...
PT-2023-15314 · Unknown · Wpdevart Booking Calendar +1
Name of the Vulnerable Software and Affected Versions: WpDevArt Booking calendar, Appointment Booking System plugin versions 3.2.3 and earlier Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. This vulnerability can be exploited by authenticated users with edit...
CVE-2023-24388
Cross-Site Request Forgery CSRF vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin = 3.2.3 versions affects plugin forms actions create, duplicate, edit, delete...
CVE-2023-24388
Cross-Site Request Forgery CSRF vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin = 3.2.3 versions affects plugin forms actions create, duplicate, edit, delete...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin = 3.2.3 versions affects plugin forms actions create, duplicate, edit, delete...
CVE-2023-24388
The CVE-2023-24388 entry affects the WpDevArt Booking calendar, Appointment Booking System plugin for WordPress, specifically versions <= 3.2.3. The root cause is a Cross-Site Request Forgery (CSRF) vulnerability impacting plugin form actions (create, duplicate, edit, delete). Several connecte...