VYPR

Timeslot

by WordPress

Source repositories

CVEs (2)

  • CVE-2024-50418MedOct 29, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Time Slot Booking Time Slot timeslot allows DOM-Based XSS.This issue affects Time Slot: from n/a through <= 1.3.6.

  • CVE-2025-12842MedNov 19, 2025
    risk 0.34cvss 5.3epss 0.00

    The Booking Plugin for WordPress Appointments – Time Slot plugin for WordPress is vulnerable to unauthorized email sending in versions up to, and including, 1.4.7 due to missing validation on the tslot_appt_email AJAX action. This makes it possible for unauthenticated…