Booking calendar, Appointment Booking System

Wordfence Intelligence   >   Vulnerability Database   >   WordPress Plugins   >   Booking calendar, Appointment Booking System

Information

Software Type Plugin
Software Slug booking-calendar (view on wordpress.org)
Software Status Active
Software Author wpdevart
Software Website wpdevart.com
Software Downloads 497,168
Software Active Installs 4,000
Software Record Last Updated September 22, 2023

10 vulnerabilities

Booking calendar, Appointment Booking System <= 3.2.8 - Multiple Authenticated(Editor+) SQL Injection
7.2
CVE ID Unknown
Sep 12, 2023
Researchers:
Booking calendar, Appointment Booking System <= 3.2.6 - Authenticated (Administrator+) SQL Injection via *_selected
7.2
CVE-2022-47428
Apr 19, 2023
Researcher: thiennv
Booking calendar, Appointment Booking System <= 3.2.3 - Cross-Site Request Forgery
4.3
CVE-2023-24388
Jan 27, 2023
Researcher: yuyudhn
Booking calendar, Appointment Booking System <= 3.2.3 - Authenticated (Editor+) Stored Cross-Site Scripting
5.5
CVE-2022-47438
Jan 27, 2023
Researcher: yuyudhn
Booking calendar, Appointment Booking System <= 3.2.1 - Unauthenticated Arbitrary File Upload
9.8
CVE-2022-3982
Nov 21, 2022
Researcher: cydave
Booking calendar, Appointment Booking System < 2.2.3 - Unauthenticated Parameter Manipulation
7.5
CVE-2018-10363
Jun 7, 2018
Researcher: B0UG
Booking calendar, Appointment Booking System <= 2.1.7 - Cross-Site Request Forgery
8.8
CVE-2018-5673
Jan 12, 2018
Researcher: d4wner
Booking calendar, Appointment Booking System <= 2.1.7 - Cross-Site Scripting
5.5
CVE-2018-5670
Jan 11, 2018
Researcher: d4wner
Booking calendar, Appointment Booking System <= 2.1.7 - Cross-Site Scripting
5.5
CVE-2018-5672
Jan 11, 2018
Researcher: d4wner
Booking calendar, Appointment Booking System <= 2.1.7 - Cross-Site Scripting
5.5
CVE-2018-5671
Jan 11, 2018
Researcher: d4wner
Title CVE ID CVSS Researchers Date
Booking calendar, Appointment Booking System <= 3.2.8 - Multiple Authenticated(Editor+) SQL Injection 7.2 September 12, 2023
Booking calendar, Appointment Booking System <= 3.2.6 - Authenticated (Administrator+) SQL Injection via *_selected CVE-2022-47428 7.2 thiennv April 19, 2023
Booking calendar, Appointment Booking System <= 3.2.3 - Cross-Site Request Forgery CVE-2023-24388 4.3 yuyudhn January 27, 2023
Booking calendar, Appointment Booking System <= 3.2.3 - Authenticated (Editor+) Stored Cross-Site Scripting CVE-2022-47438 5.5 yuyudhn January 27, 2023
Booking calendar, Appointment Booking System <= 3.2.1 - Unauthenticated Arbitrary File Upload CVE-2022-3982 9.8 cydave November 21, 2022
Booking calendar, Appointment Booking System < 2.2.3 - Unauthenticated Parameter Manipulation CVE-2018-10363 7.5 B0UG June 7, 2018
Booking calendar, Appointment Booking System <= 2.1.7 - Cross-Site Request Forgery CVE-2018-5673 8.8 d4wner January 12, 2018
Booking calendar, Appointment Booking System <= 2.1.7 - Cross-Site Scripting CVE-2018-5670 5.5 d4wner January 11, 2018
Booking calendar, Appointment Booking System <= 2.1.7 - Cross-Site Scripting CVE-2018-5672 5.5 d4wner January 11, 2018
Booking calendar, Appointment Booking System <= 2.1.7 - Cross-Site Scripting CVE-2018-5671 5.5 d4wner January 11, 2018

All the threat data shared in this database is powered by Wordfence Intelligence Enterprise.
Interested in integrating this data into your platform or network?
Contact us now to discuss API access to our Wordfence Intelligence Enterprise Data Feeds.

Inquire Now

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation