Latest dwbooster appointment hour booking Vulnerabilities

CVE-2022-4034
The Appointment Hour Booking Plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.3.72. This makes it possible for unauthenticated attackers to embed untrusted input...
Dwbooster Appointment Hour Booking<=1.3.72
CVE-2022-4035
The Appointment Hour Booking plugin for WordPress is vulnerable to iFrame Injection via the ‘email’ or general field parameters in versions up to, and including, 1.3.72 due to insufficient input sanit...
Dwbooster Appointment Hour Booking<=1.3.72
CVE-2022-4036
The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA bypass in versions up to, and including, 1.3.72. This is due to the use of insufficiently strong hashing algorithm on the CAP...
Dwbooster Appointment Hour Booking<=1.3.72
CVE-2022-41692
Missing Authorization vulnerability in Appointment Hour Booking plugin <= 1.3.71 on WordPress.
Dwbooster Appointment Hour Booking<1.3.72
CVE-2022-1710
The Appointment Hour Booking WordPress plugin before 1.3.56 does not sanitise and escape a settings of its Calendar fields, which could allow high privilege users to perform Cross-Site Scripting attac...
Dwbooster Appointment Hour Booking<1.3.56
CVE-2021-24712
The Appointment Hour Booking WordPress plugin before 1.3.17 does not properly sanitize values used when creating new calendars.
Dwbooster Appointment Hour Booking<1.3.17
CVE-2021-24673
The Appointment Hour Booking WordPress plugin before 1.3.16 does not escape some of the Calendar Form settings, allowing high privilege users to perform Stored Cross-Site Scripting attacks even when t...
Dwbooster Appointment Hour Booking<1.3.16
CVE-2019-13505
The Appointment Hour Booking plugin 1.1.44 for WordPress allows XSS via the E-mail field, as demonstrated by email_1.
Dwbooster Appointment Hour Booking=1.1.44

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203