Vulnerabilities > Codepeople > WP Time Slots Booking Form > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-08 | CVE-2024-35734 | Unspecified vulnerability in Codepeople WP Time Slots Booking Form Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CodePeople WP Time Slots Booking Form allows Stored XSS.This issue affects WP Time Slots Booking Form: from n/a through 1.2.10. | 6.1 |
| 2023-04-06 | CVE-2023-23971 | Unspecified vulnerability in Codepeople WP Time Slots Booking Form Auth. | 4.8 |
| 2022-03-07 | CVE-2022-0389 | Cross-site Scripting vulnerability in Codepeople WP Time Slots Booking Form The WP Time Slots Booking Form WordPress plugin before 1.1.63 does not sanitise and escape Calendar names, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | 4.8 |