MEDIUM🇵🇱 Wersja polska

CVE-2021-24712

CVSS 5.4v3.1pub. 2021-10-11upd. 2024-11-21

The Appointment Hour Booking WordPress plugin before 1.3.17 does not properly sanitize values used when creating new calendars.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
  • Dwbooster Appointment Hour Booking

    APP
    Dwbooster
    < 1.3.17
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
XSS
CWE
References

Related vulnerabilities

CVE-2022-4035HIGH7.2ten sam produkt

The Appointment Hour Booking plugin for WordPress is vulnerable to iFrame Injection via the ‘email’ or general...

CVE-2022-4034MEDIUM5.8ten sam produkt

The Appointment Hour Booking Plugin for WordPress is vulnerable to CSV Injection in versions up to, and includ...

CVE-2022-4036MEDIUM5.3ten sam produkt

The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA bypass in versions up to, and inclu...

CVE-2022-41692MEDIUM4.3ten sam produkt

Missing Authorization vulnerability in Appointment Hour Booking plugin <= 1.3.71 on WordPress.

CVE-2022-1710MEDIUM4.8ten sam produkt

The Appointment Hour Booking WordPress plugin before 1.3.56 does not sanitise and escape a settings of its Cal...