Vulnerabilities > Codepeople > WP Time Slots Booking Form

DATE CVE VULNERABILITY TITLE RISK
2024-06-10 CVE-2024-35735 Missing Authorization vulnerability in Codepeople WP Time Slots Booking Form
Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.2.11.
network
low complexity
codepeople CWE-862
critical
 9.8
9.8
2024-06-09 CVE-2024-33543 Missing Authorization vulnerability in Codepeople WP Time Slots Booking Form
Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.2.06.
network
low complexity
codepeople CWE-862
7.5
7.5
2024-06-08 CVE-2024-35734 Cross-site Scripting vulnerability in Codepeople WP Time Slots Booking Form
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CodePeople WP Time Slots Booking Form allows Stored XSS.This issue affects WP Time Slots Booking Form: from n/a through 1.2.10.
network
low complexity
codepeople CWE-79
6.1
6.1
2024-01-17 CVE-2022-41790 Missing Authorization vulnerability in Codepeople WP Time Slots Booking Form
Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.1.76.
network
low complexity
codepeople CWE-862
8.8
8.8
2023-04-06 CVE-2023-23971 Cross-site Scripting vulnerability in Codepeople WP Time Slots Booking Form
Auth.
network
low complexity
codepeople CWE-79
4.8
4.8
2022-03-07 CVE-2022-0389 Cross-site Scripting vulnerability in Codepeople WP Time Slots Booking Form
The WP Time Slots Booking Form WordPress plugin before 1.1.63 does not sanitise and escape Calendar names, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
network
codepeople CWE-79
3.5
3.5