Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 478 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-7350 Appointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress 1.1.6 - 1.1.7 - Authentication Bypass to Account Takeover reputeinfosystemsAppointment Booking Calendar Plugin and Scheduling Plugin – BookingPress Critical 9.8 2024-08-08 02:32:07 Deep Dive
CVE-2024-6522 Modern Events Calendar <= 7.12.1 - Authenticated (Subscriber+) Server Side Request Forgery WebnusModern Events Calendar High 8.5 2024-08-07 11:00:07 Deep Dive
CVE-2024-6930 WP Booking Calendar <= 10.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via bookingform Shortcode wpdevelopBooking Calendar Medium 6.4 2024-07-24 07:31:48 Deep Dive
CVE-2024-38692 WordPress spiffy-calendar plugin <= 4.9.11 - SQL Injection vulnerability Spiffy PluginsSpiffy Calendar High 7.6 2024-07-22 10:11:53 Deep Dive
CVE-2024-37262 WordPress Online Booking & Scheduling Calendar plugin <= 4.4.2 - Reflected Cross Site Scripting (XSS) vulnerability vCita.comOnline Booking & Scheduling Calendar for WordPress by vcita High 7.1 2024-07-22 09:02:50 Deep Dive
CVE-2024-38678 WordPress Calendar.online / Kalender.digital – Plugin plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability Calendar.onlineCalendar.online / Kalender.digital Medium 6.5 2024-07-20 07:49:28 Deep Dive
CVE-2024-6175 Booking Ultra Pro <= 1.1.13 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Updates deetronixBooking Ultra Pro Appointments Booking Calendar Plugin Medium 5.4 2024-07-18 02:03:53 Deep Dive
CVE-2024-6467 BookingPress Appointment Booking <= 1.1.5 - Authenticated (Subscriber+) Arbitrary File Read to Arbitrary File Creation reputeinfosystemsAppointment Booking Calendar Plugin and Scheduling Plugin – BookingPress High 8.8 2024-07-17 06:45:12 Deep Dive
CVE-2024-6660 BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin <= 1.1.5 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update and Arbitrary File Upload reputeinfosystemsAppointment Booking Calendar Plugin and Scheduling Plugin – BookingPress High 8.8 2024-07-17 06:45:10 Deep Dive
CVE-2024-6033 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.4 - Missing Authorization to Authenticated (Contributor+) Event Data Import arrayticsEventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered) Medium 4.3 2024-07-17 06:45:08 Deep Dive
CVE-2024-2691 WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce <= 3.1.43 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'events' Shortcode wpeventmanagerWP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce Medium 6.4 2024-07-16 08:32:30 Deep Dive
CVE-2024-6557 SchedulePress <= 5.1.3 - Unauthenticated Full Path Disclosure wpdevteamSchedulePress – Auto Post & Publish, Auto Social Share, Schedule Posts with Editorial Calendar & Missed Schedule Post Publisher Medium 5.3 2024-07-16 04:31:29 Deep Dive
CVE-2024-38716 WordPress Events Calendar for Google plugin <= 2.1.0 - Local File Inclusion vulnerability Blue PluginsEvents Calendar for Google Medium 6.5 2024-07-12 15:14:52 Deep Dive
CVE-2024-37499 WordPress Online Booking & Scheduling Calendar for WordPress plugin <= 4.4.2 - Local File Inclusion vulnerability vCitaOnline Booking & Scheduling Calendar for WordPress by vcita Medium 6.5 2024-07-09 11:55:34 Deep Dive
CVE-2024-5441 Modern Events Calendar <= 7.11.0 - Authenticated (Subscriber+) Arbitrary File Upload WebnusModern Events Calendar High 8.8 2024-07-09 05:34:18 Deep Dive
CVE-2024-5889 Events Manager <= 6.4.8 - Reflected Cross-Site Scripting netweblogicEvents Manager – Calendar, Bookings, Tickets, and more! Medium 6.1 2024-06-29 04:33:29 Deep Dive
CVE-2024-5791 Appointment Booking and Online Scheduling <= 4.4.2 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting vcitaOnline Booking & Scheduling Calendar for WordPress by vcita High 7.2 2024-06-22 02:01:07 Deep Dive
CVE-2024-35761 WordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.4.0 - Cross Site Scripting (XSS) vulnerability vCitaOnline Booking & Scheduling Calendar for WordPress by vcita Medium 6.5 2024-06-21 12:38:39 Deep Dive
CVE-2024-5859 Appointment Booking and Online Scheduling <= 4.4.2 - Reflected Cross-Site Scripting vcitaOnline Booking & Scheduling Calendar for WordPress by vcita Medium 6.1 2024-06-21 08:39:43 Deep Dive
CVE-2024-6225 Amelia <= 1.1.5 & Amelia (Pro) <= 7.5.1 - Authenticated (Admin+) Stored Cross-Site Scripting ameliabookingBooking for Appointments and Events Calendar – Amelia Medium 4.4 2024-06-21 07:39:57 Deep Dive