Wp Simple Booking Calendar Security Vulnerabilities and Issues — Wp Simple Booking Calendar CVE List

Lucene search

WpsimplebookingcalendarWp Simple Booking Calendar

3 matches found

CVE•added 2024/03/15 2:15 p.m.•48 views

CVE-2023-51525

Cross-Site Request Forgery (CSRF) vulnerability in Veribo, Roland Murg WP Simple Booking Calendar.This issue affects WP Simple Booking Calendar: from n/a through 2.0.8.4.

5.3CVSS5.3AI score0.0005EPSS

CVE•added 2024/09/13 7:15 a.m.•40 views

CVE-2024-8663

The WP Simple Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.0.10. This makes it possible for unauthenticated attackers to inject...

6.1CVSS6.3AI score0.01309EPSS

CVE•added 2021/09/13 6:15 p.m.•37 views

CVE-2021-24726

The WP Simple Booking Calendar WordPress plugin before 2.0.6 did not escape, validate or sanitise the orderby parameter in its Search Calendars action, before using it in a SQL statement, leading to an authenticated SQL injection issue

8.8CVSS8.9AI score0.00703EPSS