| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-8274 | WP Booking Calendar <= 10.5 - Reflected Cross-Site Scripting | wpdevelop | Booking Calendar | Medium | 6.1 | 2024-08-30 09:29:49 | Deep Dive |
| CVE-2024-8319 | Tourfic <= 2.11.20 - Cross-Site Request Forgery in Multiple Functions | themefic | Tourfic – Travel Booking, Hotel Booking & Car Rental WordPress Plugin | Medium | 4.3 | 2024-08-30 07:33:10 | Deep Dive |
| CVE-2024-39658 | WordPress Salon Booking System plugin <= 10.7 - Authenticated SQL Injection vulnerability | Salon Booking System | Salon booking system | High | 7.6 | 2024-08-29 14:42:19 | Deep Dive |
| CVE-2024-43986 | WordPress E-cab taxi booking manager plugin <=1.0.9 - Cross Site Scripting (XSS) vulnerability | MagePeople Team | Taxi Booking Manager for WooCommerce | Medium | 5.9 | 2024-08-29 09:00:17 | Deep Dive |
| CVE-2024-7647 | OTA Sync Booking Engine Widget 1.2.7 - Cross-Site Request Forgery to Stored Cross-Site Scripting | otasync | OTA Sync Booking Engine Widget | Medium | 6.1 | 2024-08-21 05:30:23 | Deep Dive |
| CVE-2024-43280 | WordPress Salon Booking System plugin <= 10.8.1 - Open Redirection vulnerability | Salon Booking System | Salon booking system | Medium | 4.7 | 2024-08-19 17:45:40 | Deep Dive |
| CVE-2024-7636 | code-projects Simple Ticket Booking Login authenticate.php sql injection | code-projects | Simple Ticket Booking | High | 7.3 | 2024-08-09 13:00:06 | Deep Dive |
| CVE-2024-7635 | code-projects Simple Ticket Booking Registration register_insert.php sql injection | code-projects | Simple Ticket Booking | High | 7.3 | 2024-08-09 12:31:04 | Deep Dive |
| CVE-2024-6552 | Booking for Appointments and Events Calendar – Amelia <= 1.2 - Unauthenticated Full Path Disclosure | ameliabooking | Booking for Appointments and Events Calendar – Amelia | Medium | 5.3 | 2024-08-08 03:30:46 | Deep Dive |
| CVE-2024-7350 | Appointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress 1.1.6 - 1.1.7 - Authentication Bypass to Account Takeover | reputeinfosystems | Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress | Critical | 9.8 | 2024-08-08 02:32:07 | Deep Dive |
| CVE-2024-3636 | Pinpoint Booking System < 2.9.9.4.8 - Admin+ Stored XSS | Unknown | Pinpoint Booking System | - | - | 2024-08-05 06:00:02 | Deep Dive |
| CVE-2024-6930 | WP Booking Calendar <= 10.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via bookingform Shortcode | wpdevelop | Booking Calendar | Medium | 6.4 | 2024-07-24 07:31:48 | Deep Dive |
| CVE-2024-37262 | WordPress Online Booking & Scheduling Calendar plugin <= 4.4.2 - Reflected Cross Site Scripting (XSS) vulnerability | vCita.com | Online Booking & Scheduling Calendar for WordPress by vcita | High | 7.1 | 2024-07-22 09:02:50 | Deep Dive |
| CVE-2024-38676 | WordPress Booking Ultra Pro Appointments Booking Calendar Plugin plugin <= 1.1.13 - Cross Site Scripting (XSS) vulnerability | Booking Ultra Pro | Booking Ultra Pro | Medium | 6.5 | 2024-07-20 07:51:35 | Deep Dive |
| CVE-2024-6175 | Booking Ultra Pro <= 1.1.13 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Updates | deetronix | Booking Ultra Pro Appointments Booking Calendar Plugin | Medium | 5.4 | 2024-07-18 02:03:53 | Deep Dive |
| CVE-2024-6467 | BookingPress Appointment Booking <= 1.1.5 - Authenticated (Subscriber+) Arbitrary File Read to Arbitrary File Creation | reputeinfosystems | Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress | High | 8.8 | 2024-07-17 06:45:12 | Deep Dive |
| CVE-2024-6660 | BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin <= 1.1.5 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update and Arbitrary File Upload | reputeinfosystems | Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress | High | 8.8 | 2024-07-17 06:45:10 | Deep Dive |
| CVE-2024-6745 | code-projects Simple Ticket Booking Login adminauthenticate.php sql injection | code-projects | Simple Ticket Booking | High | 7.3 | 2024-07-15 11:00:06 | Deep Dive |
| CVE-2024-38717 | WordPress Booking Ultra Pro Appointments Booking Calendar plugin <= 1.1.13 - Local File Inclusion vulnerability | Booking Ultra Pro | Booking Ultra Pro | High | 7.1 | 2024-07-12 15:16:31 | Deep Dive |
| CVE-2024-37499 | WordPress Online Booking & Scheduling Calendar for WordPress plugin <= 4.4.2 - Local File Inclusion vulnerability | vCita | Online Booking & Scheduling Calendar for WordPress by vcita | Medium | 6.5 | 2024-07-09 11:55:34 | Deep Dive |