VYPR

Wp Booking System

by WordPress

Source repositories

CVEs (7)

  • CVE-2024-50425MedOct 29, 2024
    risk 0.42cvss 6.5epss 0.00

    Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Roland Murg WP Booking System wp-booking-system.This issue affects WP Booking System: from n/a through <= 2.0.19.10.

  • CVE-2017-2168MedMay 22, 2017
    risk 0.40cvss 6.1epss 0.01

    Cross-site scripting vulnerability in WP Booking System Free version prior to version 1.4 and WP Booking System Premium version prior to version 3.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2025-68515MedMar 5, 2026
    risk 0.38cvss 5.8epss 0.00

    Insertion of Sensitive Information Into Sent Data vulnerability in Roland Murg WP Booking System wp-booking-system allows Retrieve Embedded Sensitive Data.This issue affects WP Booking System: from n/a through <= 2.0.19.12.

  • CVE-2023-49758MedDec 9, 2024
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in Roland Murg WP Booking System wp-booking-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Booking System: from n/a through <= 2.0.19.2.

  • CVE-2023-24402Apr 7, 2023
    risk 0.00cvss epss 0.00

    Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Veribo, Roland Murg WP Booking System – Booking Calendar plugin <= 2.0.18 versions.

  • CVE-2021-25061Jan 17, 2022
    risk 0.00cvss epss 0.01

    The WP Booking System WordPress plugin before 2.0.15 was affected by a reflected xss in wp-booking-system on the wpbs-calendars admin page.

  • CVE-2019-12239May 20, 2019
    risk 0.00cvss epss 0.01

    The WP Booking System plugin 1.5.1 for WordPress has no CSRF protection, which allows attackers to reach certain SQL injection issues that require administrative access.