Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2022-1006

Disclosure Date: April 11, 2022 (last updated February 23, 2025)
The Advanced Booking Calendar WordPress plugin before 1.7.1 does not sanitise and escape the id parameter when editing Calendars, which could allow high privilege users such as admin to perform SQL injection attacks
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0