| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-33177 | WordPress Booking Calendar plugin <= 9.2.1 - Cross-Site Request Forgery (CSRF) vulnerabiulity | WPdevelop/Oplugins | Booking Calendar (WordPress plugin) | Medium | 5.4 | 2022-09-06 17:18:54 | Deep Dive |
| CVE-2022-2846 | Calendar Event Multi View < 1.4.07 - Unauthenticated Arbitrary Event Creation to Stored XSS | Unknown | Calendar Event Multi View | 中危 | - | 2022-08-16 00:00:00 | Deep Dive |
| CVE-2022-2314 | VR Calendar < 2.3.2 - Unauthenticated Arbitrary Function Call | Unknown | VR Calendar | 超危 | - | 2022-08-15 08:36:40 | Deep Dive |
| CVE-2022-27617 | Synology Calendar 路径遍历漏洞 | Synology | Synology Calendar | Medium | 5.0 | 2022-08-03 02:15:15 | Deep Dive |
| CVE-2022-22686 | Synology Calendar 跨站请求伪造漏洞 | Synology | Synology Calendar | Medium | 6.5 | 2022-07-26 01:30:15 | Deep Dive |
| CVE-2022-22682 | Synology Calendar 跨站脚本漏洞 | Synology | Synology Calendar | Medium | 6.5 | 2022-07-12 06:20:11 | Deep Dive |
| CVE-2022-33705 | SAMSUNG Calendar 安全漏洞 | Samsung Mobile | Calendar | 低危 | - | 2022-07-11 13:37:52 | Deep Dive |
| CVE-2022-1474 | WP Event Manager < 3.1.28 - Reflected Cross-Site Scripting | Unknown | WP Event Manager – Easily Build your Calendar of Events! | 中危 | - | 2022-07-11 12:55:45 | Deep Dive |
| CVE-2022-30533 | Modern Events Calendar Lite 跨站脚本漏洞 | Webnus | Modern Events Calendar Lite | 中危 | - | 2022-06-16 01:35:18 | Deep Dive |
| CVE-2022-31059 | Discourse Calendar Event names susceptible to Cross-site Scripting | discourse | discourse-calendar | Medium | 6.5 | 2022-06-14 19:55:10 | Deep Dive |
| CVE-2022-29434 | WordPress Spiffy Calendar plugin <= 4.9.0 - Edit/Delete event via IDOR vulnerability | Spiffy Plugins | Spiffy Calendar | Medium | 6.3 | 2022-05-20 20:19:55 | Deep Dive |
| CVE-2022-1463 | Booking Calendar <= 9.1 - PHP Object Injection via Shortcode | wpdevelop | Booking Calendar | High | 8.8 | 2022-05-10 19:37:41 | Deep Dive |
| CVE-2022-27848 | WordPress Modern Events Calendar Lite plugin <= 6.5.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability | Webnus | Modern Events Calendar Lite (WordPress plugin) | Low | 3.4 | 2022-04-14 20:05:48 | Deep Dive |
| CVE-2022-1007 | Advanced Booking Calendar < 1.7.1 - Reflected Cross-Site Scripting | Unknown | Advanced Booking Calendar | 中危 | - | 2022-04-11 14:41:06 | Deep Dive |
| CVE-2022-1006 | Advanced Booking Calendar < 1.7.1 - Admin+ SQLi | Unknown | Advanced Booking Calendar | 高危 | - | 2022-04-11 14:41:04 | Deep Dive |
| CVE-2022-0825 | Amelia < 1.0.49 - Customer+ Arbitrary Appointments Status Update | Unknown | Amelia – Events & Appointments Booking Calendar | 中危 | - | 2022-04-04 15:35:49 | Deep Dive |
| CVE-2022-0709 | Booking Package < 1.5.29 - Unauthenticated Sensitive Data Disclosure | Unknown | Booking Package – Appointment Booking Calendar System | 高危 | - | 2022-04-04 15:35:47 | Deep Dive |
| CVE-2022-0720 | Amelia < 1.0.47 - Customer+ Arbitrary Appointments Update and Sensitive Data Disclosure | Unknown | Amelia – Events & Appointments Booking Calendar | 中危 | - | 2022-03-28 17:23:18 | Deep Dive |
| CVE-2022-0834 | Amelia <= 1.0.46 - Stored Cross Site Scripting via lastName | ameliabooking | Booking for Appointments and Events Calendar – Amelia | High | 7.2 | 2022-03-23 19:46:49 | Deep Dive |
| CVE-2022-0739 | BookingPress < 1.0.11 - Unauthenticated SQL Injection | Unknown | BookingPress – Appointments Booking Calendar Plugin and Online Scheduling Plugin | 超危 | - | 2022-03-21 18:56:00 | Deep Dive |