3 matches found
CVE-2021-36847
The CVE pertains to an Authenticated Stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Webba Booking (WebbaPlugins) versions
CVE-2023-51354
CVE-2023-51354 corresponds to a CSRF vulnerability in the Webba Booking (Appointment & Event Booking Calendar) plugin, affecting versions up to 4.5.33. The Red Hat CVE entry confirms a CSRF issue; the NVD entry lists a high-severity score (CVSS v3.1) with CSRF as the underlying flaw. In the provi...
CVE-2024-8432
CVE-2024-8432 applies to the Appointment & Event Booking Calendar Plugin – Webba Booking for WordPress. Vulnerability: missing capability check in save_appearance() allows authenticated users with Subscriber level access and above to modify the booking form CSS, affecting all versions up to 5.0.4...