Reputeinfosystems

Bookingpress

15 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.6

CVE-2025-31910

  • EPSS 0.03%
  • Published 01.04.2025 15:16:33
  • Last modified 01.04.2025 20:26:01

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in reputeinfosystems BookingPress allows SQL Injection. This issue affects BookingPress: from n/a through 1.1.28.

6.5

CVE-2025-24732

  • EPSS 0.06%
  • Published 24.01.2025 18:15:47
  • Last modified 24.01.2025 18:15:47

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Booking & Appointment - Repute Infosystems BookingPress allows DOM-Based XSS. This issue affects BookingPress: from n/a through 1.1.25.

6.5

CVE-2024-11726

  • EPSS 0.05%
  • Published 24.12.2024 11:15:07
  • Last modified 24.12.2024 11:15:07

The Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress plugin for WordPress is vulnerable to SQL Injection via the 'category' parameter of the 'bookingpress_form' shortcode in all versions up to, and including, 1.1.21 due to ins...

6.5

CVE-2024-10540

  • EPSS 0.07%
  • Published 02.11.2024 02:15:12
  • Last modified 04.11.2024 13:18:27

The Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress plugin for WordPress is vulnerable to SQL Injection via the 'service' parameter of the bookingpress_form shortcode in all versions up to, and including, 1.1.16 due to insuff...

8.8

CVE-2024-6467

  • EPSS 0.81%
  • Published 17.07.2024 07:15:03
  • Last modified 21.11.2024 09:49:42

The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress is vulnerable to Arbitrary File Read to Arbitrary File Creation in all versions up to, and including, 1.1.5 via the 'bookingpress_save_lite_wizar...

8.8

CVE-2024-6660

  • EPSS 0.3%
  • Published 17.07.2024 07:15:03
  • Last modified 21.11.2024 09:50:05

The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the bookingpress_im...

5.3

CVE-2024-34799

  • EPSS 0.15%
  • Published 11.06.2024 17:16:01
  • Last modified 20.03.2025 11:11:29

Missing Authorization vulnerability in Repute Infosystems BookingPress.This issue affects BookingPress: from n/a through 1.0.82.

9.8

CVE-2023-51405

  • EPSS 0.16%
  • Published 24.04.2024 16:15:08
  • Last modified 12.03.2025 18:33:56

Improper Authentication vulnerability in Repute Infosystems BookingPress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects BookingPress: from n/a through 1.0.74.

5.4

CVE-2024-31296

  • EPSS 0.08%
  • Published 07.04.2024 18:15:11
  • Last modified 20.03.2025 11:23:10

Authorization Bypass Through User-Controlled Key vulnerability in Repute Infosystems BookingPress.This issue affects BookingPress: from n/a through 1.0.81.

7.2

CVE-2024-3022

Exploit
  • EPSS 8.31%
  • Published 04.04.2024 02:15:07
  • Last modified 13.03.2025 01:38:18

The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient filename validation in the 'bookingpress_process_upload' function in all versions up to, and including 1.0.87. This allows an authenticated attacker wit...