Vulnerabilities in Iqonic Design
17 resultsCVE-2025-0357CRITICALWPBookit <= 1.6.9 - Unauthenticated Arbitrary File UploadEPSS 1.1%CVE-2024-10215CRITICALWPBookit <= 1.6.4 - Unauthenticated Arbitrary User Password ChangeEPSS 0.6%CVE-2024-54280CRITICALWordPress WPBookit plugin <= 1.6.0 - SQL Injection vulnerabilityEPSS 0.6%CVE-2023-41128MEDIUMWordPress WP Roadmap Plugin <= 1.0.8 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2025-32254MEDIUMWordPress WPBookit plugin <= 1.0.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-35659MEDIUMWordPress KiviCare plugin <= 3.6.6 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.3%CVE-2025-47533HIGHWordPress Graphina plugin <= 3.0.4 - Cross Site Request Forgery (CSRF) to Local File Inclusion vulnerabilityEPSS 0.3%CVE-2025-47480MEDIUMWordPress Graphina plugin <= 3.0.4 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-52822HIGHWordPress WP Roadmap plugin <= 2.1.3 - SQL Injection vulnerabilityEPSS 0.3%CVE-2026-42735HIGHWordPress KiviCare plugin <= 4.3.0 - Broken Authentication vulnerabilityEPSS 0.3%CVE-2026-40792MEDIUMWordPress KiviCare plugin <= 4.2.1 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.2%CVE-2024-43124MEDIUMWordPress Graphina plugin <= 1.8.10 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-66095HIGHWordPress KiviCare plugin <= 3.6.13 - SQL Injection vulnerabilityEPSS 0.2%CVE-2026-25022HIGHWordPress KiviCare plugin <= 3.6.16 - SQL Injection vulnerabilityEPSS 0.2%CVE-2026-25034MEDIUMWordPress KiviCare plugin <= 3.6.16 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25383HIGHWordPress KiviCare plugin <= 3.6.16 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-26910HIGHWordPress WPBookit plugin <= 1.0.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%