Vulnerabilities > Oplugins

DATE CVE VULNERABILITY TITLE RISK
2023-12-28 CVE-2023-50840 Unspecified vulnerability in Oplugins Booking Manager
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdevelop, oplugins Booking Manager.This issue affects Booking Manager: from n/a through 2.1.5.
network
low complexity
oplugins
8.8
2023-08-16 CVE-2023-1977 Unspecified vulnerability in Oplugins Booking Manager
The Booking Manager WordPress plugin before 2.0.29 does not validate URLs input in it's admin panel or in shortcodes for showing events from a remote .ics file, allowing an attacker with privileges as low as Subscriber to perform SSRF attacks on the sites internal network.
network
low complexity
oplugins
8.8