Advanced Booking Calendar WordPress Plugin Security Vulnerabilities | WPScan

8

March 17, 2022

5000

Published

2022-12-02

Title

Advanced Booking Calendar <= 1.7.1 - Unauthenticated SQLi

Fixed in

No known fix

CVSS

8.6 (high)

Published

2022-12-01

Title

Advanced Booking Calendar <= 1.7.1 - CSRF

Fixed in

No known fix

CVSS

4.3 (medium)

Published

2022-03-21

Title

Advanced Booking Calendar < 1.7.1 - Reflected Cross-Site Scripting

Fixed in

Fixed in 1.7.1

CVSS

6.1 (medium)

Published

2022-03-21

Title

Advanced Booking Calendar < 1.7.1 - Admin+ SQLi

Fixed in

Fixed in 1.7.1

CVSS

6.8 (medium)

Published

2022-02-28

Title

Advanced Booking Calendar < 1.7.0 - Unauthenticated SQL Injection

Fixed in

Fixed in 1.7.0

CVSS

8.6 (high)

Published

2021-03-30

Title

Advanced Booking Calendar < 1.6.8 - Authenticated Reflected Cross-Site Scripting (XSS)

Fixed in

Fixed in 1.6.8

CVSS

7.1 (high)

Published

2021-03-28

Title

Advanced Booking Calendar < 1.6.7 - Authenticated Reflected Cross-Site Scripting (XSS)

Fixed in

Fixed in 1.6.7

CVSS

7.1 (high)

Published

2020-10-22

Title

Advanced Booking Calendar < 1.6.2 - Unauthenticated SQL Injection

Fixed in

Fixed in 1.6.2

CVSS

9.9 (critical)