Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Cross-Site Request Forgery (CSRF) vulnerability in ThemeMove QuickCal - Appointment Booking Calendar for WordPress quickcal allows Privilege Escalation.This issue affects QuickCal - Appointment Bookin
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Themovation QuickCal - Appointment Booking Calendar for WordPress quickcal allows Retrieve Embedded Sensitiv
Cross-Site Request Forgery (CSRF) vulnerability in MD Abu Jubayer Hossain Easy Booked – Appointment Booking and Scheduling Management System for WordPress easy-booked allows Cross Site Request Forgery
Cross-Site Request Forgery (CSRF) vulnerability in themespride Advanced Appointment Booking & Scheduling advanced-appointment-booking-scheduling allows Cross Site Request Forgery.This issue affects Ad
Cross-Site Request Forgery (CSRF) vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita meeting-scheduler-by-vcita allows Cross Site Request Forgery.This issue affects Onl
Cross-Site Request Forgery (CSRF) vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita meeting-scheduler-by-vcita allows Cross Site Request Forgery.This issue affects Onl
Cross-Site Request Forgery (CSRF) vulnerability in FasterThemes FastBook fastbook-responsive-appointment-booking-and-scheduling-system allows Cross Site Request Forgery.This issue affects FastBook: fr
WordPress appointment-booking-calendar 1.1.24 contains multiple privilege escalation vulnerabilities that allow unauthenticated attackers to modify calendar settings and inject persistent cross-site s
WordPress Booking Calendar Contact Form 1.0.23 contains privilege escalation and stored cross-site scripting vulnerabilities that allow authenticated users to modify plugin options and inject maliciou
Cross-Site Request Forgery (CSRF) vulnerability in codepeople WP Time Slots Booking Form wp-time-slots-booking-form allows Cross Site Request Forgery.This issue affects WP Time Slots Booking Form: fro
The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to
The Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin 'bookingcalendar' shortcode in all versions up to, and including, 10.14.6 due to insufficient inpu
Cross-Site Request Forgery (CSRF) vulnerability in WP Corner Quick Event Calendar quick-event-calendar allows Cross Site Request Forgery.This issue affects Quick Event Calendar: from n/a through <= 1.
Cross-Site Request Forgery (CSRF) vulnerability in GBS Developer WP Ride Booking wp-ride-booking allows Cross Site Request Forgery.This issue affects WP Ride Booking: from n/a through <= 2.4.
The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ssa_admin_upcoming_appointments, ssa_a
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.2.7. This is due to missing
Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows Cross Site Request Forgery.This issue affects WP Hotel Booking: from n/a through <= 2.1.9.
The Booking Calendar Contact Form plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.63 via the dex_bccf_admin_int_calendar_list.inc.php f
The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.6.9.29. Th
The Appointment Booking Calendar plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.4.01. This is due to insufficient authorization and missing pe
Page 1+ Next →