Vulnerabilities > Codepeople > Appointment Booking Calendar > High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-11-18	CVE-2022-43482	Missing Authorization vulnerability in Codepeople Appointment Booking Calendar Missing Authorization vulnerability in Appointment Booking Calendar plugin <= 1.3.69 on WordPress. network low complexity codepeople CWE-862	8.8
2020-03-04	CVE-2020-9372	Improper Neutralization of Formula Elements in a CSV File vulnerability in Codepeople Appointment Booking Calendar The Appointment Booking Calendar plugin before 1.3.35 for WordPress allows user input (in fields such as Description or Name) in any booking form to be any formula, which then could be exported via the Bookings list tab in /wp-admin/admin.php?page=cpabc_appointments.php. local low complexity codepeople CWE-1236	7.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.