Lucene search
K

20 matches found

Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.5 views

PT-2026-27946

Name of the Vulnerable Software and Affected Versions wpdevart Booking calendar, Appointment Booking System versions n/a through 3.2.36 Description The software contains a flaw related to improper handling of user-supplied data during web page creation, which could allow for cross-site scripting...

7.1CVSS5.8AI score0.00175EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/12/10 2:23 p.m.4 views

CVE-2025-67574

Missing Authorization vulnerability in wpdevart Booking calendar, Appointment Booking System booking-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking calendar, Appointment Booking System: from n/a through = 3.2.30...

5.3CVSS7AI score0.00214EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-28429

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00354EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-50190

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.00675EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:53 a.m.10 views

CVE-2023-24388

Cross-Site Request Forgery CSRF vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin = 3.2.3 versions affects plugin forms actions create, duplicate, edit, delete...

5.4CVSS7.1AI score0.00231EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:54 a.m.9 views

CVE-2022-47438

Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin = 3.2.3 versions...

5.9CVSS5.6AI score0.0038EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:52 p.m.9 views

CVE-2022-47428

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WpDevArt Booking calendar, Appointment Booking System allows SQL Injection.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.7...

9.8CVSS8.9AI score0.00675EPSS
Exploits0References1
OSV
OSV
added 2024/12/09 1:15 p.m.2 views

CVE-2023-24407

Missing Authorization vulnerability in WpDevArt Booking calendar, Appointment Booking System allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.3...

8.8CVSS5.8AI score0.00487EPSS
Exploits0References1
NVD
NVD
added 2024/12/09 1:15 p.m.16 views

CVE-2023-24407

Missing Authorization vulnerability in WpDevArt Booking calendar, Appointment Booking System allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.3...

8.8CVSS0.00487EPSS
Exploits0References1
CVE
CVE
added 2024/12/09 11:31 a.m.68 views

CVE-2023-24407

CVE-2023-24407 affects the WordPress plugin Booking calendar, Appointment Booking System (versions

8.8CVSS5.1AI score0.00487EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/06/03 9:35 p.m.28 views

CVE-2023-24373 WordPress Booking calendar, Appointment Booking System plugin <= 3.2.3 - Bypass vulnerability

External Control of Assumed-Immutable Web Parameter vulnerability in WpDevArt Booking calendar, Appointment Booking System allows Manipulating Hidden Fields.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.3...

3.7CVSS4.3AI score0.00354EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/11/06 12:0 a.m.22 views

PT-2023-15305 · Unknown · Wpdevart Booking Calendar

Name of the Vulnerable Software and Affected Versions: WpDevArt Booking calendar, Appointment Booking System versions 3.2.7 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQ...

9.8CVSS9.7AI score0.00675EPSS
Exploits0References4
NVD
NVD
added 2023/03/29 1:15 p.m.23 views

CVE-2022-47438

Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin = 3.2.3 versions...

5.9CVSS5.4AI score0.0038EPSS
Exploits0References1
Prion
Prion
added 2023/03/29 1:15 p.m.17 views

Cross site scripting

Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin = 3.2.3 versions...

4.9CVSS5.2AI score0.0038EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/03/29 12:29 p.m.26 views

CVE-2022-47438 WordPress Booking calendar, Appointment Booking System Plugin <= 3.2.3 is vulnerable to Cross Site Scripting (XSS)

Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin = 3.2.3 versions...

5.9CVSS5.5AI score0.0038EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/03/29 12:0 a.m.6 views

PT-2023-15314 · Unknown · Wpdevart Booking Calendar +1

Name of the Vulnerable Software and Affected Versions: WpDevArt Booking calendar, Appointment Booking System plugin versions 3.2.3 and earlier Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. This vulnerability can be exploited by authenticated users with edit...

5.9CVSS5.1AI score0.0038EPSS
Exploits0References4
OSV
OSV
added 2023/02/17 3:15 p.m.3 views

CVE-2023-24388

Cross-Site Request Forgery CSRF vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin = 3.2.3 versions affects plugin forms actions create, duplicate, edit, delete...

5.4CVSS6.1AI score0.00231EPSS
Exploits0References1
NVD
NVD
added 2023/02/17 3:15 p.m.23 views

CVE-2023-24388

Cross-Site Request Forgery CSRF vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin = 3.2.3 versions affects plugin forms actions create, duplicate, edit, delete...

5.4CVSS5.6AI score0.00231EPSS
Exploits0References1
Prion
Prion
added 2023/02/17 3:15 p.m.22 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin = 3.2.3 versions affects plugin forms actions create, duplicate, edit, delete...

5.8CVSS5.6AI score0.00231EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/02/17 2:25 p.m.45 views

CVE-2023-24388

The CVE-2023-24388 entry affects the WpDevArt Booking calendar, Appointment Booking System plugin for WordPress, specifically versions &lt;= 3.2.3. The root cause is a Cross-Site Request Forgery (CSRF) vulnerability impacting plugin form actions (create, duplicate, edit, delete). Several connecte...

5.4CVSS5.5AI score0.00231EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder