Vulnerabilities > Reputeinfosystems
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-02 | CVE-2024-10540 | SQL Injection vulnerability in Reputeinfosystems Bookingpress The Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress plugin for WordPress is vulnerable to SQL Injection via the 'service' parameter of the bookingpress_form shortcode in all versions up to, and including, 1.1.16 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 6.5 |
| 2024-06-09 | CVE-2024-32703 | Unspecified vulnerability in Reputeinfosystems Arforms Missing Authorization vulnerability in reputeinfosystems ARForms.This issue affects ARForms: from n/a through 6.4. | 8.1 |
| 2024-06-09 | CVE-2024-32704 | Unspecified vulnerability in Reputeinfosystems Arforms Missing Authorization vulnerability in reputeinfosystems ARForms.This issue affects ARForms: from n/a through 6.4. | 6.5 |
| 2024-06-09 | CVE-2024-32705 | Unspecified vulnerability in Reputeinfosystems Arforms Missing Authorization vulnerability in reputeinfosystems ARForms.This issue affects ARForms: from n/a through 6.4. | 8.8 |
| 2024-02-05 | CVE-2024-0969 | Unspecified vulnerability in Reputeinfosystems Armember The ARMember plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.21 via the REST API. | 5.3 |
| 2024-01-11 | CVE-2023-6828 | Cross-site Scripting vulnerability in Reputeinfosystems Arforms Form Builder The Contact Form, Survey & Popup Form Plugin for WordPress – ARForms Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ arf_http_referrer_url’ parameter in all versions up to, and including, 1.5.8 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-01-08 | CVE-2023-52200 | Unspecified vulnerability in Reputeinfosystems Armember Cross-Site Request Forgery (CSRF), Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup.This issue affects ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup: n/a. | 9.8 |
| 2023-12-28 | CVE-2023-50841 | Unspecified vulnerability in Reputeinfosystems Bookingpress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.72. | 8.8 |
| 2023-11-30 | CVE-2023-36507 | Unspecified vulnerability in Reputeinfosystems Bookingpress Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.64. | 5.3 |
| 2023-11-28 | CVE-2023-6219 | Unrestricted Upload of File with Dangerous Type vulnerability in Reputeinfosystems Bookingpress The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'bookingpress_process_upload' function in versions up to, and including, 1.0.76. | 7.2 |