Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

croixhaug — Vulnerabilities & Security Advisories 15

Browse all 15 CVE security advisories affecting croixhaug. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by croixhaug:Appointment Booking Calendar — Simply Schedule Appointments Booking PluginInteractive Image Map Plugin – Draw Attention
CVE IDTitleCVSSSeverityPublished
CVE-2026-3658 Appointment Booking Calendar <= 1.6.10.0 - Unauthenticated SQL Injection via 'fields' Parameter — Appointment Booking Calendar — Simply Schedule Appointments Booking PluginCWE-89 7.5 High2026-03-19
CVE-2026-3045 Appointment Booking Calendar <= 1.6.9.29 - Missing Authorization to Unauthenticated Sensitive Information Exposure via Settings REST API Endpoint — Appointment Booking Calendar — Simply Schedule Appointments Booking PluginCWE-862 7.5 High2026-03-13
CVE-2026-1704 Appointment Booking Calendar <= 1.6.9.29 - Insecure Direct Object Reference to Authenticated (Staff+) Sensitive Information Exposure — Appointment Booking Calendar — Simply Schedule Appointments Booking PluginCWE-639 4.3 Medium2026-03-13
CVE-2026-1708 Appointment Booking Calendar <= 1.6.9.27 - Unauthenticated SQL Injection via 'append_where_sql' Parameter — Appointment Booking Calendar — Simply Schedule Appointments Booking PluginCWE-89 7.5 High2026-03-11
CVE-2025-12166 Simply Schedule Appointments <= 1.6.9.9 - Unauthenticated SQL Injection via `order` and `append_where_sql` Parameters — Appointment Booking Calendar — Simply Schedule Appointments Booking PluginCWE-89 7.5 High2026-01-14
CVE-2025-11723 Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.9.5 - Unauthenticated Sensitive Information Exposure — Appointment Booking Calendar — Simply Schedule Appointments Booking PluginCWE-330 6.5 Medium2026-01-06
CVE-2025-13754 Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.9.16 - Missing Authorization to Unauthenticated Sensitive Information Exposure — Appointment Booking Calendar — Simply Schedule Appointments Booking PluginCWE-862 5.3 Medium2025-12-19
CVE-2025-4667 Simply Schedule Appointments <= 1.6.8.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Shortcodes — Appointment Booking Calendar — Simply Schedule Appointments Booking PluginCWE-79 6.4 Medium2025-06-14
CVE-2025-1119 Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.8.5 - Unauthenticated Arbitrary Shortcode Execution — Appointment Booking Calendar — Simply Schedule Appointments Booking PluginCWE-94 7.3 High2025-03-13
CVE-2024-13431 Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.8.3 - Reflected Cross-Site Scripting — Appointment Booking Calendar — Simply Schedule Appointments Booking PluginCWE-79 6.1 Medium2025-03-07
CVE-2024-4288 Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.7.14 - Authenticated (Contributor+) Stored Cross-Site Scripting — Appointment Booking Calendar — Simply Schedule Appointments Booking PluginCWE-79 6.4 Medium2024-05-16
CVE-2024-2341 Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.7.7 - Authenticated (Subscriber+) SQL Injection — Appointment Booking Calendar — Simply Schedule Appointments Booking PluginCWE-89 8.8 High2024-04-09
CVE-2024-2342 Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.7.7 - Authenticated (Contributor+) SQL Injection via Shortcode — Appointment Booking Calendar — Simply Schedule Appointments Booking PluginCWE-89 8.8 High2024-04-09
CVE-2024-1760 Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.6.20 - Cross-Site Request Forgery to Plugin Data Reset — Appointment Booking Calendar — Simply Schedule Appointments Booking PluginCWE-352 4.3 Medium2024-03-06
CVE-2023-2764 Draw Attention <= 2.0.11 - Missing Authorization to Arbitrary Post Featured Image Modification — Interactive Image Map Plugin – Draw AttentionCWE-862 4.3 Medium2023-06-09

This page lists every published CVE security advisory associated with croixhaug. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.