Wpsimplebookingcalendar ≫ Wp Simple Booking Calendar
3 vulnerabilities found.
Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1
CVE-2024-8663
- EPSS 1.31%
- Published 13.09.2024 07:15:07
- Last modified 27.09.2024 16:35:46
The WP Simple Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.0.10. This makes it...
5.3
CVE-2023-51525
- EPSS 0.05%
- Published 15.03.2024 14:15:07
- Last modified 15.04.2025 21:13:12
Cross-Site Request Forgery (CSRF) vulnerability in Veribo, Roland Murg WP Simple Booking Calendar.This issue affects WP Simple Booking Calendar: from n/a through 2.0.8.4.
8.8
CVE-2021-24726
- EPSS 0.7%
- Published 13.09.2021 18:15:18
- Last modified 21.11.2024 05:53:38
The WP Simple Booking Calendar WordPress plugin before 2.0.6 did not escape, validate or sanitise the orderby parameter in its Search Calendars action, before using it in a SQL statement, leading to an authenticated SQL injection issue
1