Filtered by vendor Dwbooster
Subscribe
Search
Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-2169 | 1 Dwbooster | 1 Loading Page With Loading Screen | 2022-07-18 | 3.5 LOW | 4.8 MEDIUM |
| The Loading Page with Loading Screen WordPress plugin before 1.0.83 does not escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | |||||
| CVE-2022-1710 | 1 Dwbooster | 1 Appointment Hour Booking | 2022-06-17 | 3.5 LOW | 4.8 MEDIUM |
| The Appointment Hour Booking WordPress plugin before 1.3.56 does not sanitise and escape a settings of its Calendar fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed. | |||||
| CVE-2021-24712 | 1 Dwbooster | 1 Appointment Hour Booking | 2021-10-15 | 3.5 LOW | 5.4 MEDIUM |
| The Appointment Hour Booking WordPress plugin before 1.3.17 does not properly sanitize values used when creating new calendars. | |||||
| CVE-2021-24673 | 1 Dwbooster | 1 Appointment Hour Booking | 2021-10-08 | 3.5 LOW | 4.8 MEDIUM |
| The Appointment Hour Booking WordPress plugin before 1.3.16 does not escape some of the Calendar Form settings, allowing high privilege users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | |||||
| CVE-2021-24498 | 1 Dwbooster | 1 Calendar Event Multi View | 2021-08-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Calendar Event Multi View WordPress plugin before 1.4.01 does not sanitise or escape the 'start' and 'end' GET parameters before outputting them in the page (via php/edit.php), leading to a reflected Cross-Site Scripting issue. | |||||
| CVE-2017-18579 | 1 Dwbooster | 1 Corner Ad | 2019-08-29 | 4.3 MEDIUM | 6.1 MEDIUM |
| The corner-ad plugin before 1.0.8 for WordPress has XSS. | |||||
| CVE-2019-13505 | 1 Dwbooster | 1 Appointment Hour Booking | 2019-07-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Appointment Hour Booking plugin 1.1.44 for WordPress allows XSS via the E-mail field, as demonstrated by email_1. | |||||