Booking Calendar Security Vulnerabilities and Issues — Booking Calendar CVE List

Lucene search

WpbookingcalendarBooking Calendar

3 matches found

CVE•added 2023/10/16 9:15 a.m.•45 views

CVE-2023-4620

The Booking Calendar WordPress plugin before 9.7.3.1 does not sanitize and escape some of its booking from data, allowing unauthenticated users to perform Stored Cross-Site Scripting attacks against administrators

6.1CVSS6AI score0.00587EPSS

CVE•added 2024/07/24 8:15 a.m.•33 views

CVE-2024-6930

The WP Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'type' attribute within the plugin's bookingform shortcode in all versions up to, and including, 10.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This make...

6.4CVSS5.7AI score0.00089EPSS

CVE•added 2024/02/01 12:15 p.m.•26 views

CVE-2023-51520

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPdevelop / Oplugins WP Booking Calendar allows Stored XSS.This issue affects WP Booking Calendar: from n/a before 9.7.4.

6.5CVSS5.5AI score0.00077EPSS