VYPR

Bookingpress Appointment Booking

by WordPress

Source repositories

CVEs (2)

  • CVE-2024-7350CriAug 8, 2024
    risk 0.57cvss 9.8epss 0.01

    The Appointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress plugin for WordPress is vulnerable to authentication bypass in versions 1.1.6 to 1.1.7. This is due to the plugin not properly verifying a user's identity prior to logging them in when…

  • CVE-2024-11726MedDec 24, 2024
    risk 0.35cvss 6.5epss 0.00

    The Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress plugin for WordPress is vulnerable to SQL Injection via the 'category' parameter of the 'bookingpress_form' shortcode in all versions up to, and including, 1.1.21 due to insufficient escaping on the…