Kivicare@* Security Vulnerabilities and Issues — Kivicare@* CVE List

Lucene search

IqonicKivicare*

4 matches found

CVE•added 2024/12/06 10:15 a.m.•74 views

CVE-2024-11728

The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL Injection via the 'visit_type[service_id]' parameter of the tax_calculated_data AJAX action in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter and l...

7.5CVSS7.7AI score0.51904EPSS

CVE•added 2024/12/06 11:15 a.m.•43 views

CVE-2024-11729

The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL Injection via the 'service_list[0][service_id]' parameter of the get_widget_payment_options AJAX action in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied par...

6.5CVSS6.5AI score0.00197EPSS

CVE•added 2024/06/08 4:15 p.m.•43 views

CVE-2024-35659

Authorization Bypass Through User-Controlled Key vulnerability in KiviCare.This issue affects KiviCare: from n/a through 3.6.2.

8.8CVSS5.7AI score0.00073EPSS

CVE•added 2024/12/06 11:15 a.m.•37 views

CVE-2024-11730

The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL Injection via the 'sort[]' parameter of the static_data_list AJAX action in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter and lack of sufficient p...

6.5CVSS6.5AI score0.00096EPSS