Vulnerabilities > Codepeople > WP Time Slots Booking Form

DATE CVE VULNERABILITY TITLE RISK
2024-01-17 CVE-2022-41790 Missing Authorization vulnerability in Codepeople WP Time Slots Booking Form
Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.1.76.
network
low complexity
codepeople CWE-862
8.8
8.8
2023-04-06 CVE-2023-23971 Cross-site Scripting vulnerability in Codepeople WP Time Slots Booking Form
Auth.
network
low complexity
codepeople CWE-79
4.8
4.8
2022-03-07 CVE-2022-0389 Cross-site Scripting vulnerability in Codepeople WP Time Slots Booking Form
The WP Time Slots Booking Form WordPress plugin before 1.1.63 does not sanitise and escape Calendar names, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
network
codepeople CWE-79
3.5
3.5