Vulnerabilities (CVE)

Filtered by vendor Codepeople Subscribe
Filtered by product Wp Time Slots Booking Form
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-35734 1 Codepeople 1 Wp Time Slots Booking Form 2024-07-18 N/A 6.1 MEDIUM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CodePeople WP Time Slots Booking Form allows Stored XSS.This issue affects WP Time Slots Booking Form: from n/a through 1.2.10.
CVE-2024-35735 1 Codepeople 1 Wp Time Slots Booking Form 2024-06-12 N/A 9.8 CRITICAL
Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.2.11.
CVE-2022-41790 1 Codepeople 1 Wp Time Slots Booking Form 2024-02-28 N/A 8.8 HIGH
Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.1.76.
CVE-2023-23971 1 Codepeople 1 Wp Time Slots Booking Form 2024-02-28 N/A 4.8 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CodePeople WP Time Slots Booking Form pluginĀ <= 1.1.81 versions.
CVE-2022-0389 1 Codepeople 1 Wp Time Slots Booking Form 2024-02-28 3.5 LOW 4.8 MEDIUM
The WP Time Slots Booking Form WordPress plugin before 1.1.63 does not sanitise and escape Calendar names, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.