Lucene search

K

BoxyStudio Security Vulnerabilities

cve
cve

CVE-2022-36399

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BoxyStudio Booked - Appointment Booking for WordPress | Calendars.This issue affects Booked - Appointment Booking for WordPress | Calendars: from n/a before...

7.5CVSS

7.5AI Score

0.001EPSS

2023-12-28 10:15 PM
42
cve
cve

CVE-2022-3900

The Cooked Pro WordPress plugin before 1.7.5.7 does not properly validate or sanitize the recipe_args parameter before unserializing it in the cooked_loadmore action, allowing an unauthenticated attacker to trigger a PHP Object injection...

9.8CVSS

9.6AI Score

0.004EPSS

2022-12-12 06:15 PM
32
cve
cve

CVE-2023-44477

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Boxy Studio Cooked plugin <= 1.7.13...

6.5CVSS

5.2AI Score

0.0004EPSS

2023-10-02 09:15 AM
26
cve
cve

CVE-2021-24233

The Cooked Pro WordPress plugin before 1.7.5.6 was affected by unauthenticated reflected Cross-Site Scripting issues, due to improper sanitisation of user input while being output back in pages as an arbitrary...

6.1CVSS

6.1AI Score

0.001EPSS

2021-04-22 09:15 PM
23