Amelia@* Security Vulnerabilities and Issues — Amelia@* CVE List

Lucene search

Tms-outsourceAmelia*

4 matches found

CVE•added 2024/06/10 8:15 a.m.•71 views

CVE-2024-22298

Missing Authorization vulnerability in TMS Amelia ameliabooking.This issue affects Amelia: from n/a through 1.0.98.

9.8CVSS5.3AI score0.0038EPSS

CVE•added 2024/06/21 8:15 a.m.•45 views

CVE-2024-6225

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1.5 (and 7.5.1 for the Pro version) due to insufficient input sanitization and output escaping. This makes it possib...

4.8CVSS4.7AI score0.00216EPSS

CVE•added 2024/02/05 10:15 p.m.•35 views

CVE-2023-6808

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.0.93 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...

6.4CVSS5.6AI score0.00195EPSS

CVE•added 2024/08/08 4:17 a.m.•34 views

CVE-2024-6552

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.2. This is due to the plugin utilizing Symfony and leaving display_errors on within test files. This makes it possible for unauthenticated att...

5.3CVSS5.2AI score0.00469EPSS