Vulnerabilities > Saasproject
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-04 | CVE-2023-39918 | Unspecified vulnerability in Saasproject Booking Package Unauth. | 6.1 |
2022-04-04 | CVE-2022-0709 | Unspecified vulnerability in Saasproject Booking Package The Booking Package WordPress plugin before 1.5.29 requires a token for exporting the ical representation of it's booking calendar, but this token is returned in the json response to unauthenticated users performing a booking, leading to a sensitive data disclosure vulnerability. | 7.5 |
2021-11-24 | CVE-2021-20840 | Cross-site Scripting vulnerability in Saasproject Booking Package Cross-site scripting vulnerability in Booking Package - Appointment Booking Calendar System versions prior to 1.5.11 allows a remote attacker to inject an arbitrary script via unspecified vectors. | 6.1 |