WordPress Plugin Vulnerabilities

Appointment Booking Calendar < 1.1.8 - Multiple Reflected Cross-Site Scripting (XSS) and SQL Injection

Description

The Appointment Booking Calendar WordPress plugin was affected by a Multiple Reflected Cross-Site Scripting (XSS) and SQL Injection security vulnerability.

Affects Plugins

Plugin icon
appointment-booking-calendar
Fixed in 1.1.8

References

CVE
CVE-2015-7320
CVE
CVE-2015-7319
URL
https://packetstormsecurity.com/files/#133743/

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
0d52f881-7838-4646-bf5c-8dbaf5fd70a2

Timeline

Publicly Published
2015-09-26 (about 10 years ago)
Added
2015-09-29 (about 10 years ago)
Last Updated
2020-08-10 (about 5 years ago)

Other

Published
Title
Published
2014-12-14
Title
WP-FB-AutoConnect <= 4.0.5 - XSS/CSRF
Published
2014-09-17
Title
Easy Media Gallery < 1.3.0 - CSRF & Cross-Site Scripting (XSS)
Published
2015-05-21
Title
WP Membership <= 1.2.3 - Multiple Vulnerabilities
Published
2014-08-01
Title
Cimy Counter - Vulnerabilities
Published
2020-03-05
Title
RegistrationMagic – Custom Registration Forms and User Login < 4.6.0.4 - Multiple Critical Issues