RSS   Vulnerabilities for 'Appointment hour booking'   RSS

2022-06-13
 
CVE-2022-1710

CWE-79
 

 
The Appointment Hour Booking WordPress plugin before 1.3.56 does not sanitise and escape a settings of its Calendar fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed.

 
2021-10-11
 
CVE-2021-24712

CWE-79
 

 
The Appointment Hour Booking WordPress plugin before 1.3.17 does not properly sanitize values used when creating new calendars.

 
2021-10-04
 
CVE-2021-24673

CWE-79
 

 
The Appointment Hour Booking WordPress plugin before 1.3.16 does not escape some of the Calendar Form settings, allowing high privilege users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

 
2019-07-11
 
CVE-2019-13505

CWE-79
 

 
The Appointment Hour Booking plugin 1.1.44 for WordPress allows XSS via the E-mail field, as demonstrated by email_1.

 

 >>> Vendor: Dwbooster 6 Products
Appointment hour booking
Corner ad
Calendar event multi view
Cp blocks
Cp image store with slideshow
Loading page with loading screen


Copyright 2024, cxsecurity.com

 

Back to Top