Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

wpdevelop — Vulnerabilities & Security Advisories 22

Browse all 22 CVE security advisories affecting wpdevelop. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products wpdevelop:Booking CalendarEmail RemindersBooking Manager
CVE IDTitleCVSSSeverityPaused
CVE-2026-32358 WordPress Booking Calendar plugin <= 10.14.15 - SQL Injection vulnerability — Booking CalendarCWE-89 9.8 -2026-03-13
CVE-2026-2230 Booking Calendar <= 10.14.14 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Settings Modification — Booking CalendarCWE-639 4.3 Medium2026-02-18
CVE-2026-1431 Booking Calendar <= 10.14.13 - Missing Authorization to Unauthenticated Booking Details Exposure — Booking CalendarCWE-862 5.3 Medium2026-01-31
CVE-2025-14982 Booking Calendar <= 10.14.11 - Missing Authorization to Sensitive Information Exposure — Booking CalendarCWE-862 4.3 Medium2026-01-16
CVE-2025-14146 Booking Calendar <= 10.14.10 - Unauthenticated Sensitive Information Exposure — Booking CalendarCWE-862 5.3 Medium2026-01-09
CVE-2025-14383 Booking Calendar <= 10.14.8 - Unauthenticated SQL Injection via dates_to_check — Booking CalendarCWE-89 7.5 High2025-12-15
CVE-2025-12804 Booking Calendar <= 10.14.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via bookingcalendar Shortcode — Booking CalendarCWE-79 6.4 Medium2025-12-05
CVE-2025-64381 WordPress Booking Calendar plugin <= 10.14.7 - Cross Site Scripting (XSS) vulnerability — Booking CalendarCWE-79 5.4 -2025-11-13
CVE-2025-64275 WordPress Booking Manager plugin <= 2.1.17 - Cross Site Scripting (XSS) vulnerability — Booking ManagerCWE-79 5.4 -2025-11-13
CVE-2025-9346 Booking Calendar <= 10.14.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Booking CalendarCWE-79 6.4 Medium2025-08-28
CVE-2025-4669 Booking Calendar <= 10.11.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpbc Shortcode — Booking CalendarCWE-79 6.4 Medium2025-05-17
CVE-2024-13821 WP Booking Calendar <= 10.10 - Unauthenticated Post-Confirmation Booking Manipulation — Booking CalendarCWE-285 5.3 Medium2025-02-12
CVE-2024-13323 Booking Calendar <= 10.9.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'booking' Shortcode — Booking CalendarCWE-79 6.4 Medium2025-01-14
CVE-2024-56292 WordPress Email Reminders Plugin <= 2.0.5 - Cross Site Scripting (XSS) vulnerability — Email RemindersCWE-79 5.9 Medium2025-01-07
CVE-2024-11945 Email Reminders <= 2.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter — Email RemindersCWE-79 6.4 Medium2024-12-10
CVE-2024-9306 WP Booking Calendar <= 10.6 - Authenticated (Admin+) Stored Cross-Site Scripting — Booking CalendarCWE-79 4.4 Medium2024-10-04
CVE-2024-8274 WP Booking Calendar <= 10.5 - Reflected Cross-Site Scripting — Booking CalendarCWE-79 6.1 Medium2024-08-30
CVE-2024-6930 WP Booking Calendar <= 10.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via bookingform Shortcode — Booking CalendarCWE-79 6.4 Medium2024-07-24
CVE-2024-1207 Booking Calendar <= 9.9 - Unauthenticated SQL Injection — Booking CalendarCWE-89 9.8 Critical2024-02-08
CVE-2022-1463 Booking Calendar <= 9.1 - PHP Object Injection via Shortcode — Booking CalendarCWE-502 8.8 High2022-05-10
CVE-2017-2150 WordPress Booking Calendar 路径遍历漏洞 — Booking Calendar 6.5 -2017-04-28
CVE-2017-2151 WordPress Booking Calendar 跨站脚本漏洞 — Booking Calendar 6.1 -2017-04-28

This page lists every published CVE security advisory associated with wpdevelop. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.