CVE-2016-10908
The booking-calendar-contact-form plugin before 1.0.24 for WordPress has XSS.
6.1CVSS
6.4AI Score
0.001EPSS
CVE-2016-10909
The booking-calendar-contact-form plugin before 1.0.24 for WordPress has SQL injection.
9.8CVSS
9.9AI Score