Vulnerabilities > Pinpoint
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-13 | CVE-2023-45270 | Cross-Site Request Forgery (CSRF) vulnerability in Pinpoint Booking System Cross-Site Request Forgery (CSRF) vulnerability in PINPOINT.WORLD Pinpoint Booking System plugin <= 2.9.9.4.0 versions. | 8.8 |
2023-04-06 | CVE-2023-25062 | Cross-site Scripting vulnerability in Pinpoint Booking System Auth. | 4.8 |
2023-02-13 | CVE-2023-0220 | Unspecified vulnerability in Pinpoint Booking System The Pinpoint Booking System WordPress plugin before 2.9.9.2.9 does not validate and escape one of its shortcode attributes before using it in a SQL statement, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks. | 8.8 |
2019-10-10 | CVE-2015-9460 | SQL Injection vulnerability in Pinpoint Booking System The booking-system plugin before 2.1 for WordPress has DOPBSPBackEndTranslation::display SQL injection via the language parameter. | 6.5 |