Show filters
5 Total Results
Displaying 1-5 of 5
Sort by:
Attacker Value
Unknown
CVE-2024-6175
Disclosure Date: July 18, 2024 (last updated July 18, 2024)
The Booking Ultra Pro Appointments Booking Calendar Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the multiple functions in all versions up to, and including, 1.1.13. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify and delete. multiple plugin options and data such as payments, pricing, booking information, business hours, calendars, profile information, and email templates.
0
Attacker Value
Unknown
CVE-2023-32511
Disclosure Date: August 24, 2023 (last updated October 08, 2023)
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Booking Ultra Pro Booking Ultra Pro Appointments Booking Calendar Plugin plugin <= 1.1.8 versions.
0
Attacker Value
Unknown
CVE-2022-46816
Disclosure Date: May 24, 2023 (last updated October 08, 2023)
Cross-Site Request Forgery (CSRF) vulnerability in Booking Ultra Pro Appointments Booking Calendar Plugin plugin <= 1.1.4 versions.
0
Attacker Value
Unknown
CVE-2021-36855
Disclosure Date: September 28, 2022 (last updated October 08, 2023)
Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability in Booking Ultra Pro plugin <= 1.1.4 at WordPress.
0
Attacker Value
Unknown
CVE-2021-36854
Disclosure Date: September 28, 2022 (last updated October 08, 2023)
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Booking Ultra Pro plugin <= 1.1.4 at WordPress.
0
