Wp Booking System@* Security Vulnerabilities and Issues — Wp Booking System@* CVE List

Lucene search

WpbookingsystemWp Booking System*

3 matches found

CVE•added 2019/05/20 8:29 p.m.•53 views

CVE-2019-12239

The WP Booking System plugin 1.5.1 for WordPress has no CSRF protection, which allows attackers to reach certain SQL injection issues that require administrative access.

7.2CVSS7.4AI score0.00128EPSS

CVE•added 2022/01/17 1:15 p.m.•42 views

CVE-2021-25061

The WP Booking System WordPress plugin before 2.0.15 was affected by a reflected xss in wp-booking-system on the wpbs-calendars admin page.

5.4CVSS5.4AI score0.01256EPSS

Web

CVE•added 2024/09/14 6:15 a.m.•33 views

CVE-2024-8797

The WP Booking System – Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.0.19.8. This makes it possible for unauthenticated attacke...

6.1CVSS6.2AI score0.00343EPSS