Vulnerabilities > Reputeinfosystems

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-30	CVE-2023-36507	Unspecified vulnerability in Reputeinfosystems Bookingpress Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.64. network low complexity reputeinfosystems	5.3
2023-11-28	CVE-2023-6219	Unrestricted Upload of File with Dangerous Type vulnerability in Reputeinfosystems Bookingpress The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'bookingpress_process_upload' function in versions up to, and including, 1.0.76. network low complexity reputeinfosystems CWE-434	7.2
2023-11-03	CVE-2022-46808	SQL Injection vulnerability in Reputeinfosystems Armember Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Repute Infosystems ARMember armember-membership allows SQL Injection.This issue affects ARMember: from n/a through 3.4.11. network low complexity reputeinfosystems CWE-89 critical	9.8
2023-06-22	CVE-2023-33323	Cross-site Scripting vulnerability in Reputeinfosystems Armember Auth. network low complexity reputeinfosystems CWE-79	4.8
2023-06-12	CVE-2022-47140	Cross-site Scripting vulnerability in Reputeinfosystems Armember Unauth. network low complexity reputeinfosystems CWE-79	6.1
2023-04-18	CVE-2022-45838	Cross-site Scripting vulnerability in Reputeinfosystems Arforms Form Builder Unauth. network low complexity reputeinfosystems CWE-79	6.1
2023-01-02	CVE-2022-4340	Unspecified vulnerability in Reputeinfosystems Bookingpress The BookingPress WordPress plugin before 1.0.31 suffers from an Insecure Direct Object Reference (IDOR) vulnerability in it's thank you page, allowing any visitor to display information about any booking, including full name, date, time and service booked, by manipulating the appointment_id query parameter. network low complexity reputeinfosystems	5.3
2022-05-16	CVE-2022-0867	SQL Injection vulnerability in Reputeinfosystems Pricing Table The Pricing Table WordPress plugin before 3.6.1 fails to properly sanitize and escape user supplied POST data before it is being interpolated in an SQL statement and then executed via an AJAX action available to unauthenticated users network low complexity reputeinfosystems CWE-89 critical	9.8
2022-03-21	CVE-2022-0739	SQL Injection vulnerability in Reputeinfosystems Bookingpress The BookingPress WordPress plugin before 1.0.11 fails to properly sanitize user supplied POST data before it is used in a dynamically constructed SQL query via the bookingpress_front_get_category_services AJAX action (available to unauthenticated users), leading to an unauthenticated SQL Injection network low complexity reputeinfosystems CWE-89 critical	9.8
2021-12-06	CVE-2021-24718	Cross-site Scripting vulnerability in Reputeinfosystems Contact Form, Survey & Popup Form Plugin for Wordpress - Arforms Form Builder The Contact Form, Survey & Popup Form Plugin for WordPress plugin before 1.5 does not properly sanitize some of its settings allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed network low complexity reputeinfosystems CWE-79	4.8

Vulnerabilities > Reputeinfosystems {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Reputeinfosystems"}]}

Vulnerabilities > Reputeinfosystems