Lucene search
K
WpbookingsystemWp Booking System

5 matches found

CVE
CVE
added 2019/05/20 7:38 p.m.77 views

CVE-2019-12239

The CVE-2019-12239 entry concerns the WordPress WP Booking System plugin (version 1.5.1) with a lack of CSRF protection, which allows reaching SQL injection issues that require administrative access. Connected documents confirm this vulnerability and its remediation guidance, e.g., Patchstack and...

7.2CVSS7.4AI score0.00911EPSS
CVE
CVE
added 2022/01/17 1:0 p.m.53 views

CVE-2021-25061

CVE-2021-25061: WordPress WP Booking System plugin before 2.0.15 suffers a reflected XSS on the wpbs-calendars admin page. The vulnerability is authenticated (requires user login) and can execute JavaScript in the context of the affected site. Evidence across multiple sources confirms the flaw an...

5.4CVSS5.4AI score0.00675EPSS
Web
CVE
CVE
added 2024/09/14 5:40 a.m.51 views

CVE-2024-8797

The CVE-2024-8797 entry concerns the WP Booking System – Booking Calendar WordPress plugin. Affected versions up to and including 2.0.19.8 are vulnerable to Reflected Cross-Site Scripting due to improper escaping when using add_query_arg/remove_query_arg in the URL, enabling unauthenticated attac...

6.1CVSS6.2AI score0.00475EPSS
CVE
CVE
added 2017/05/22 4:0 p.m.49 views

CVE-2017-2168

The CVE-2017-2168 entry maps to the WordPress plugin WP Booking System. A stored cross-site scripting (XSS) vulnerability exists in WP Booking System Free versions prior to 1.4 and Premium versions prior to 3.7, allowing remote attackers to inject arbitrary scripts via unspecified vectors. Impact...

6.1CVSS5.9AI score0.01379EPSS
CVE
CVE
added 2023/04/07 8:48 a.m.44 views

CVE-2023-24402

CVE-2023-24402 affects the WordPress WP Booking System – Booking Calendar plugin for Veribo, with versions

5.9CVSS4.9AI score0.00394EPSS