VYPR
Vendor

Pinpoint

Products
1
CVEs
5
Across products
5
Status
Private

Products

1

Recent CVEs

5
  • CVE-2023-38520MedJun 4, 2024
    risk 0.42cvss 6.5epss 0.00

    External Control of Assumed-Immutable Web Parameter vulnerability in PINPOINT.WORLD Pinpoint Booking System allows Functionality Misuse.This issue affects Pinpoint Booking System: from n/a through 2.9.9.3.4.

  • CVE-2023-25062MedApr 6, 2023
    risk 0.38cvss 5.9epss 0.01

    Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PINPOINT.WORLD Pinpoint Booking System plugin <= 2.9.9.2.8 versions.

  • CVE-2024-13235MedFeb 21, 2025
    risk 0.35cvss 6.5epss 0.00

    The Pinpoint Booking System – #1 WordPress Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the 'language' parameter in all versions up to, and including, 2.9.9.5.4 due to insufficient escaping on the user supplied parameter and lack of sufficient…

  • CVE-2023-45270MedOct 13, 2023
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in PINPOINT.WORLD Pinpoint Booking System plugin <= 2.9.9.4.0 versions.

  • CVE-2024-7112Sep 7, 2024
    risk 0.00cvss epss 0.01

    The Pinpoint Booking System – #1 WordPress Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the ‘schedule’ parameter in all versions up to, and including, 2.9.9.5.0 due to insufficient escaping on the user supplied parameter and lack of sufficient…