Vulnerabilities > Dwbooster > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-06 | CVE-2023-41732 | Cross-Site Request Forgery (CSRF) vulnerability in Dwbooster CP Blocks Cross-Site Request Forgery (CSRF) vulnerability in CodePeople CP Blocks plugin <= 1.0.20 versions. | 8.8 |
| 2022-11-29 | CVE-2022-4034 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Dwbooster Appointment Hour Booking The Appointment Hour Booking Plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.3.72. | 7.8 |
| 2022-11-18 | CVE-2022-41692 | Missing Authorization vulnerability in Dwbooster Appointment Hour Booking Missing Authorization vulnerability in Appointment Hour Booking plugin <= 1.3.71 on WordPress. | 8.8 |
| 2022-06-08 | CVE-2022-1692 | SQL Injection vulnerability in Dwbooster CP Image Store With Slideshow The CP Image Store with Slideshow WordPress plugin before 1.0.68 does not sanitise and escape the ordering_by query parameter before using it in a SQL statement in pages where the [codepeople-image-store] is embed, allowing unauthenticated users to perform an SQL injection attack | 7.5 |