| CVE-2024-7129 | Appointment Booking Calendar < 1.6.7.43 - Admin+ Template Injection to RCE | Unknown | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | - | - | 2024-09-13 06:00:04 | Deep Dive |
| CVE-2024-7350 | Appointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress 1.1.6 - 1.1.7 - Authentication Bypass to Account Takeover | reputeinfosystems | Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress | Critical | 9.8 | 2024-08-08 02:32:07 | Deep Dive |
| CVE-2024-6467 | BookingPress Appointment Booking <= 1.1.5 - Authenticated (Subscriber+) Arbitrary File Read to Arbitrary File Creation | reputeinfosystems | Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress | High | 8.8 | 2024-07-17 06:45:12 | Deep Dive |
| CVE-2024-6660 | BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin <= 1.1.5 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update and Arbitrary File Upload | reputeinfosystems | Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress | High | 8.8 | 2024-07-17 06:45:10 | Deep Dive |
| CVE-2024-1094 | Timetics- AI-powered Appointment Booking with Visual Seat Plan and ultimate Calendar Scheduling Plugin <= 1.0.21 - Missing Authorization to Limited Privilege Escalation | arraytics | Timetics – Appointment Booking & Scheduling | High | 7.3 | 2024-06-14 04:36:55 | Deep Dive |
| CVE-2023-24373 | WordPress Booking calendar, Appointment Booking System plugin <= 3.2.3 - Bypass vulnerability | WpDevArt | Booking calendar, Appointment Booking System | Low | 3.7 | 2024-06-03 21:35:58 | Deep Dive |
| CVE-2024-4288 | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.7.14 - Authenticated (Contributor+) Stored Cross-Site Scripting | croixhaug | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | Medium | 6.4 | 2024-05-16 11:05:29 | Deep Dive |
| CVE-2024-2341 | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.7.7 - Authenticated (Subscriber+) SQL Injection | croixhaug | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | High | 8.8 | 2024-04-09 18:59:30 | Deep Dive |
| CVE-2024-2342 | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.7.7 - Authenticated (Contributor+) SQL Injection via Shortcode | croixhaug | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | High | 8.8 | 2024-04-09 18:58:31 | Deep Dive |
| CVE-2024-3022 | BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin <= 1.0.87 - Authenticated (Admin+) Arbitrary File Upload | reputeinfosystems | Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress | High | 7.2 | 2024-04-04 01:56:45 | Deep Dive |
| CVE-2024-30561 | WordPress Appointment Calendar plugin <= 2.9.6 - Reflected Cross Site Scripting (XSS) vulnerability | Scientech It Solution | Appointment Calendar | High | 7.1 | 2024-03-31 19:38:03 | Deep Dive |
| CVE-2024-0856 | Booking Calendar < 1.3.83 - CSRF appointment scheduling | Unknown | Appointment Booking Calendar | - | - | 2024-03-20 05:00:03 | Deep Dive |
| CVE-2024-1760 | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.6.20 - Cross-Site Request Forgery to Plugin Data Reset | croixhaug | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | Medium | 4.3 | 2024-03-06 05:33:23 | Deep Dive |
| CVE-2023-51354 | WordPress Webba Booking Plugin <= 4.5.33 is vulnerable to Cross Site Request Forgery (CSRF) | WebbaPlugins | Appointment & Event Booking Calendar Plugin – Webba Booking | Medium | 4.3 | 2023-12-29 12:23:41 | Deep Dive |
| CVE-2023-50841 | WordPress BookingPress Plugin <= 1.0.72 is vulnerable to SQL Injection | Repute Infosystems | BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin | High | 8.5 | 2023-12-28 18:37:41 | Deep Dive |
| CVE-2023-50852 | WordPress BookIt Plugin <= 2.4.3 is vulnerable to SQL Injection | StylemixThemes | Booking Calendar | Appointment Booking | BookIt | High | 7.6 | 2023-12-28 11:30:57 | Deep Dive |
| CVE-2023-50851 | WordPress Simply Schedule Appointments Plugin < 1.6.6.1 is vulnerable to SQL Injection | N Squared | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | High | 7.6 | 2023-12-28 11:28:30 | Deep Dive |
| CVE-2023-36507 | WordPress BookingPress Plugin <= 1.0.64 is vulnerable to Sensitive Data Exposure | Repute Infosystems | BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin | Medium | 5.3 | 2023-11-30 15:26:48 | Deep Dive |
| CVE-2023-6219 | BookingPress <= 1.0.76 - Authenticated (Administrator+) Arbitrary File Upload | reputeinfosystems | Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress | High | 7.2 | 2023-11-28 02:37:20 | Deep Dive |
| CVE-2022-47428 | WordPress Booking calendar, Appointment Booking System Plugin <= 3.2.7 is vulnerable to SQL Injection | WpDevArt | Booking calendar, Appointment Booking System | 超危 | - | 2023-11-06 07:36:32 | Deep Dive |