Vulnerabilities (CVE)

Filtered by vendor Elbtide Subscribe

Filtered by product Advanced Booking Calendar

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-24232	1 Elbtide	1 Advanced Booking Calendar	2021-04-29	3.5 LOW	5.4 MEDIUM
The Advanced Booking Calendar WordPress plugin before 1.6.8 does not sanitise the license error message when output in the settings page, leading to an authenticated reflected Cross-Site Scripting issue
CVE-2021-24225	1 Elbtide	1 Advanced Booking Calendar	2021-04-20	3.5 LOW	5.4 MEDIUM
The Advanced Booking Calendar WordPress plugin before 1.6.7 did not sanitise the calId GET parameter in the "Seasons & Calendars" page before outputing it in an A tag, leading to a reflected XSS issue