| CVE-2024-7350 | Appointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress 1.1.6 - 1.1.7 - Authentication Bypass to Account Takeover | reputeinfosystems | Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress | Critical | 9.8 | 2024-08-08 02:32:07 | Deep Dive |
| CVE-2024-6175 | Booking Ultra Pro <= 1.1.13 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Updates | deetronix | Booking Ultra Pro Appointments Booking Calendar Plugin | Medium | 5.4 | 2024-07-18 02:03:53 | Deep Dive |
| CVE-2024-6467 | BookingPress Appointment Booking <= 1.1.5 - Authenticated (Subscriber+) Arbitrary File Read to Arbitrary File Creation | reputeinfosystems | Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress | High | 8.8 | 2024-07-17 06:45:12 | Deep Dive |
| CVE-2024-6660 | BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin <= 1.1.5 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update and Arbitrary File Upload | reputeinfosystems | Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress | High | 8.8 | 2024-07-17 06:45:10 | Deep Dive |
| CVE-2024-1094 | Timetics- AI-powered Appointment Booking with Visual Seat Plan and ultimate Calendar Scheduling Plugin <= 1.0.21 - Missing Authorization to Limited Privilege Escalation | arraytics | Timetics – Appointment Booking & Scheduling | High | 7.3 | 2024-06-14 04:36:55 | Deep Dive |
| CVE-2024-4288 | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.7.14 - Authenticated (Contributor+) Stored Cross-Site Scripting | croixhaug | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | Medium | 6.4 | 2024-05-16 11:05:29 | Deep Dive |
| CVE-2024-2341 | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.7.7 - Authenticated (Subscriber+) SQL Injection | croixhaug | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | High | 8.8 | 2024-04-09 18:59:30 | Deep Dive |
| CVE-2024-2342 | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.7.7 - Authenticated (Contributor+) SQL Injection via Shortcode | croixhaug | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | High | 8.8 | 2024-04-09 18:58:31 | Deep Dive |
| CVE-2024-3022 | BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin <= 1.0.87 - Authenticated (Admin+) Arbitrary File Upload | reputeinfosystems | Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress | High | 7.2 | 2024-04-04 01:56:45 | Deep Dive |
| CVE-2024-1760 | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.6.20 - Cross-Site Request Forgery to Plugin Data Reset | croixhaug | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | Medium | 4.3 | 2024-03-06 05:33:23 | Deep Dive |
| CVE-2023-51354 | WordPress Webba Booking Plugin <= 4.5.33 is vulnerable to Cross Site Request Forgery (CSRF) | WebbaPlugins | Appointment & Event Booking Calendar Plugin – Webba Booking | Medium | 4.3 | 2023-12-29 12:23:41 | Deep Dive |
| CVE-2023-50841 | WordPress BookingPress Plugin <= 1.0.72 is vulnerable to SQL Injection | Repute Infosystems | BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin | High | 8.5 | 2023-12-28 18:37:41 | Deep Dive |
| CVE-2023-50851 | WordPress Simply Schedule Appointments Plugin < 1.6.6.1 is vulnerable to SQL Injection | N Squared | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | High | 7.6 | 2023-12-28 11:28:30 | Deep Dive |
| CVE-2023-36507 | WordPress BookingPress Plugin <= 1.0.64 is vulnerable to Sensitive Data Exposure | Repute Infosystems | BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin | Medium | 5.3 | 2023-11-30 15:26:48 | Deep Dive |
| CVE-2023-6219 | BookingPress <= 1.0.76 - Authenticated (Administrator+) Arbitrary File Upload | reputeinfosystems | Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress | High | 7.2 | 2023-11-28 02:37:20 | Deep Dive |
| CVE-2023-32511 | WordPress Booking Ultra Pro Plugin <= 1.1.8 is vulnerable to Cross Site Scripting (XSS) | Booking Ultra Pro | Booking Ultra Pro Appointments Booking Calendar Plugin | High | 7.1 | 2023-08-24 11:15:59 | Deep Dive |
| CVE-2023-32236 | WordPress Booking Ultra Pro Plugin <= 1.1.8 is vulnerable to Cross Site Scripting (XSS) | Booking Ultra Pro | Booking Ultra Pro Appointments Booking Calendar Plugin | High | 7.1 | 2023-08-23 13:04:56 | Deep Dive |
| CVE-2022-46816 | WordPress Booking Ultra Pro Plugin <= 1.1.4 is vulnerable to Cross Site Request Forgery (CSRF) | Booking Ultra Pro | Booking Ultra Pro Appointments Booking Calendar Plugin | Medium | 4.3 | 2023-05-24 15:45:23 | Deep Dive |
| CVE-2022-43482 | WordPress Appointment Booking Calendar plugin <= 1.3.69 - Missing Authorization vulnerability | CodePeople | Appointment Booking Calendar (WordPress plugin) | Medium | 4.3 | 2022-11-18 19:03:50 | Deep Dive |
| CVE-2022-33177 | WordPress Booking Calendar plugin <= 9.2.1 - Cross-Site Request Forgery (CSRF) vulnerabiulity | WPdevelop/Oplugins | Booking Calendar (WordPress plugin) | Medium | 5.4 | 2022-09-06 17:18:54 | Deep Dive |