VYPR

Wp Time Slots Booking Form

by WordPress

Source repositories

CVEs (7)

  • CVE-2026-48882HigJun 15, 2026
    risk 0.55cvss 8.5epss 0.00

    Subscriber SQL Injection in WP Time Slots Booking Form <= 1.2.50 versions.

  • CVE-2026-40791HigJun 15, 2026
    risk 0.46cvss 7.1epss 0.00

    Unauthenticated Cross Site Scripting (XSS) in WP Time Slots Booking Form <= 1.2.46 versions.

  • CVE-2025-68569MedDec 24, 2025
    risk 0.42cvss 6.5epss 0.00

    Missing Authorization vulnerability in codepeople WP Time Slots Booking Form wp-time-slots-booking-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Time Slots Booking Form: from n/a through <= 1.2.39.

  • CVE-2025-49332MedJun 6, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in codepeople WP Time Slots Booking Form wp-time-slots-booking-form allows Cross Site Request Forgery.This issue affects WP Time Slots Booking Form: from n/a through <= 1.2.30.

  • CVE-2022-41790MedJan 17, 2024
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.1.76.

  • CVE-2023-23971Apr 6, 2023
    risk 0.00cvss epss 0.00

    Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CodePeople WP Time Slots Booking Form plugin <= 1.1.81 versions.

  • CVE-2022-0389Mar 7, 2022
    risk 0.00cvss epss 0.01

    The WP Time Slots Booking Form WordPress plugin before 1.1.63 does not sanitise and escape Calendar names, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.