Codepeople

Wp Time Slots Booking Form

9 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-68569

  • EPSS 0.06%
  • Veröffentlicht 24.12.2025 13:10:36
  • Zuletzt bearbeitet 20.01.2026 15:19:46

Missing Authorization vulnerability in codepeople WP Time Slots Booking Form wp-time-slots-booking-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Time Slots Booking Form: from n/a through <= 1.2.38.

4.3

CVE-2025-49332

  • EPSS 0.03%
  • Veröffentlicht 06.06.2025 12:53:57
  • Zuletzt bearbeitet 06.06.2025 14:06:58

Cross-Site Request Forgery (CSRF) vulnerability in codepeople WP Time Slots Booking Form allows Cross Site Request Forgery. This issue affects WP Time Slots Booking Form: from n/a through 1.2.30.

7.2

CVE-2023-23895

  • EPSS 0.23%
  • Veröffentlicht 09.12.2024 13:15:21
  • Zuletzt bearbeitet 10.03.2025 17:29:41

Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Time Slots Booking Form: from n/a through 1.1.82.

9.8

CVE-2024-35735

  • EPSS 0.47%
  • Veröffentlicht 10.06.2024 08:15:51
  • Zuletzt bearbeitet 21.11.2024 09:20:46

Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.2.11.

7.5

CVE-2024-33543

  • EPSS 0.33%
  • Veröffentlicht 09.06.2024 12:15:11
  • Zuletzt bearbeitet 21.11.2024 09:17:07

Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.2.06.

6.1

CVE-2024-35734

  • EPSS 0.28%
  • Veröffentlicht 08.06.2024 13:15:55
  • Zuletzt bearbeitet 21.11.2024 09:20:46

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CodePeople WP Time Slots Booking Form allows Stored XSS.This issue affects WP Time Slots Booking Form: from n/a through 1.2.10.

8.8

CVE-2022-41790

  • EPSS 0.13%
  • Veröffentlicht 17.01.2024 18:15:45
  • Zuletzt bearbeitet 21.11.2024 07:23:51

Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.1.76.

4.8

CVE-2023-23971

  • EPSS 0.08%
  • Veröffentlicht 06.04.2023 06:15:08
  • Zuletzt bearbeitet 21.11.2024 07:47:11

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CodePeople WP Time Slots Booking Form plugin <= 1.1.81 versions.

4.8

CVE-2022-0389

Exploit
  • EPSS 0.28%
  • Veröffentlicht 07.03.2022 09:15:09
  • Zuletzt bearbeitet 21.11.2024 06:38:31

The WP Time Slots Booking Form WordPress plugin before 1.1.63 does not sanitise and escape Calendar names, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.