Vulnerabilidades en wpdevelop
23 resultadosCVE-2024-1207CRITICALBooking Calendar <= 9.9 - Unauthenticated SQL InjectionEPSS 3.2%CVE-2017-2150—Directory traversal vulnerability in Booking Calendar version 7.0 and earlier allows remote attackers to read arbitrary files via specially EPSS 2.4%CVE-2022-1463HIGHBooking Calendar <= 9.1 - PHP Object Injection via ShortcodeEPSS 1.7%CVE-2017-2151—Cross-site scripting vulnerability in Booking Calendar version 7.1 and earlier allows remote attackers to inject arbitrary web script or HTMEPSS 0.9%CVE-2024-8274MEDIUMWP Booking Calendar <= 10.5 - Reflected Cross-Site ScriptingEPSS 0.5%CVE-2025-14383HIGHBooking Calendar <= 10.14.8 - Unauthenticated SQL Injection via dates_to_checkEPSS 0.4%CVE-2024-13821MEDIUMWP Booking Calendar <= 10.10 - Unauthenticated Post-Confirmation Booking ManipulationEPSS 0.4%CVE-2024-13323MEDIUMBooking Calendar <= 10.9.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'booking' ShortcodeEPSS 0.4%CVE-2025-14982MEDIUMBooking Calendar <= 10.14.11 - Missing Authorization to Sensitive Information ExposureEPSS 0.3%CVE-2024-11945MEDIUMEmail Reminders <= 2.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via id ParameterEPSS 0.3%CVE-2025-14146MEDIUMBooking Calendar <= 10.14.10 - Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2025-4669MEDIUMBooking Calendar <= 10.11.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpbc ShortcodeEPSS 0.3%CVE-2024-6930MEDIUMWP Booking Calendar <= 10.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via bookingform ShortcodeEPSS 0.3%CVE-2024-9306MEDIUMWP Booking Calendar <= 10.6 - Authenticated (Admin+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2024-56292MEDIUMWordPress Email Reminders Plugin <= 2.0.5 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2026-32358HIGHWordPress Booking Calendar plugin <= 10.14.15 - SQL Injection vulnerabilityEPSS 0.3%CVE-2026-1431MEDIUMBooking Calendar <= 10.14.13 - Missing Authorization to Unauthenticated Booking Details ExposureEPSS 0.3%CVE-2026-2230MEDIUMBooking Calendar <= 10.14.14 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Settings ModificationEPSS 0.2%CVE-2025-9346MEDIUMBooking Calendar <= 10.14.1 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-12804MEDIUMBooking Calendar <= 10.14.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via bookingcalendar ShortcodeEPSS 0.2%