Vulnerabilities > Dwbooster > Appointment Hour Booking > 1.3.28
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-11-18 | CVE-2022-41692 | Missing Authorization vulnerability in Dwbooster Appointment Hour Booking Missing Authorization vulnerability in Appointment Hour Booking plugin <= 1.3.71 on WordPress. | 8.8 |
2022-06-13 | CVE-2022-1710 | Cross-site Scripting vulnerability in Dwbooster Appointment Hour Booking The Appointment Hour Booking WordPress plugin before 1.3.56 does not sanitise and escape a settings of its Calendar fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed. | 3.5 |