Vulnerabilities > Codepeople
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-22 | CVE-2020-7228 | Cross-site Scripting vulnerability in Codepeople Calculated Fields Form The Calculated Fields Form plugin through 1.0.353 for WordPress suffers from multiple Stored XSS vulnerabilities present in the input forms. | 5.4 |
| 2019-09-17 | CVE-2016-10992 | Cross-site Scripting vulnerability in Codepeople Music Store 1.0.141 The music-store plugin before 1.0.43 for WordPress has XSS via the wp-admin/admin.php?page=music-store-menu-reports from_year parameter. | 6.1 |
| 2019-08-27 | CVE-2015-9348 | Improper Input Validation vulnerability in Codepeople Sell Downloads The sell-downloads plugin before 1.0.8 for WordPress has insufficient restrictions on brute-force guessing of purchase IDs. | 7.5 |
| 2019-08-27 | CVE-2015-9346 | Cross-site Scripting vulnerability in Codepeople Polls CP The cp-polls plugin before 1.0.5 for WordPress has XSS. | 6.1 |
| 2019-08-27 | CVE-2014-10395 | Cross-site Scripting vulnerability in Codepeople Polls CP The cp-polls plugin before 1.0.1 for WordPress has XSS in the votes list. | 6.1 |
| 2019-08-22 | CVE-2016-10916 | SQL Injection vulnerability in Codepeople Appointment Booking Calendar The appointment-booking-calendar plugin before 1.1.24 for WordPress has SQL injection, a different vulnerability than CVE-2015-7319. | 9.8 |
| 2019-08-21 | CVE-2016-10909 | SQL Injection vulnerability in Codepeople Booking Calendar Contact Form The booking-calendar-contact-form plugin before 1.0.24 for WordPress has SQL injection. | 9.8 |
| 2019-08-21 | CVE-2016-10908 | Cross-site Scripting vulnerability in Codepeople Booking Calendar Contact Form The booking-calendar-contact-form plugin before 1.0.24 for WordPress has XSS. | 6.1 |
| 2019-08-15 | CVE-2019-14784 | Cross-site Scripting vulnerability in Codepeople CP Contact Form With Paypal The "CP Contact Form with PayPal" plugin before 1.2.98 for WordPress has XSS in CSS edition. | 6.1 |
| 2019-08-13 | CVE-2018-20964 | Cross-Site Request Forgery (CSRF) vulnerability in Codepeople Contact Form Email The contact-form-to-email plugin before 1.2.66 for WordPress has CSRF. | 8.8 |