Vulnerabilities > Pinpoint > Pinpoint Booking System > 2.9.9.2.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-13 | CVE-2023-45270 | Cross-Site Request Forgery (CSRF) vulnerability in Pinpoint Booking System Cross-Site Request Forgery (CSRF) vulnerability in PINPOINT.WORLD Pinpoint Booking System plugin <= 2.9.9.4.0 versions. | 8.8 |
2023-04-06 | CVE-2023-25062 | Cross-site Scripting vulnerability in Pinpoint Booking System Auth. | 4.8 |
2023-02-13 | CVE-2023-0220 | Unspecified vulnerability in Pinpoint Booking System The Pinpoint Booking System WordPress plugin before 2.9.9.2.9 does not validate and escape one of its shortcode attributes before using it in a SQL statement, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks. | 8.8 |