MEDIUM✓ PATCH🇵🇱 Wersja polska

CVE-2022-41692

CVSS 4.3v3.1pub. 2022-11-18upd. 2024-11-21

Missing Authorization vulnerability in Appointment Hour Booking plugin <= 1.3.71 on WordPress.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
  • Dwbooster Appointment Hour Booking

    APP
    Dwbooster
    < 1.3.72
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2022-4035HIGH7.2ten sam produkt

The Appointment Hour Booking plugin for WordPress is vulnerable to iFrame Injection via the ‘email’ or general...

CVE-2022-4034MEDIUM5.8ten sam produkt

The Appointment Hour Booking Plugin for WordPress is vulnerable to CSV Injection in versions up to, and includ...

CVE-2022-4036MEDIUM5.3ten sam produkt

The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA bypass in versions up to, and inclu...

CVE-2022-1710MEDIUM4.8ten sam produkt

The Appointment Hour Booking WordPress plugin before 1.3.56 does not sanitise and escape a settings of its Cal...

CVE-2021-24712MEDIUM5.4ten sam produkt

The Appointment Hour Booking WordPress plugin before 1.3.17 does not properly sanitize values used when creati...