Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
12030.9%MEDIUM

Related CVEs

2
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2024-6332The Booking for Appointments and Events Calendar – Amelia Premium and Lite plugins for WordPress are vulnerable to unauthorized access of data due to a missing capability check on the 'ameliaButtonCommand' function in all versions up to, and including, Premium 7.7 and Lite 1.2.4. This makes it possible for unauthenticated attackers to access employee calendar details, including Google Calendar OAuth tokens in the premium version.MEDIUM6.527.4%Sep 5, 2024
CVE-2024-1484The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the date parameters in all versions up to, and including, 1.0.98 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.MEDIUM6.137.9%Mar 13, 2024