Vulnerabilities > Wpdevart > Booking Calendar > 3.2.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-06 | CVE-2022-47428 | SQL Injection vulnerability in Wpdevart Booking Calendar Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WpDevArt Booking calendar, Appointment Booking System allows SQL Injection.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.7. | 9.8 |
2023-03-29 | CVE-2022-47438 | Cross-site Scripting vulnerability in Wpdevart Booking Calendar Auth. | 5.4 |
2023-02-17 | CVE-2023-24388 | Cross-Site Request Forgery (CSRF) vulnerability in Wpdevart Booking Calendar Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin <= 3.2.3 versions affects plugin forms actions (create, duplicate, edit, delete). | 5.4 |