Wpbookingsystem Wp Booking System — known CVE vulnerabilities
Every CVE whose affected-product data names Wpbookingsystem Wp Booking System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2019-12239 — CVSS 7.2 (high): The WP Booking System plugin 1.5.1 for WordPress has no CSRF protection, which allows attackers to reach certain SQL injection issues that…
CVE-2017-2168 — CVSS 6.1 (medium): Cross-site scripting vulnerability in WP Booking System Free version prior to version 1.4 and WP Booking System Premium version prior to…
CVE-2024-8797 — CVSS 6.1 (medium): The WP Booking System – Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of…
CVE-2023-24402 — CVSS 5.9 (medium): Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Veribo, Roland Murg WP Booking System – Booking Calendar plugin <= 2.0.18…
CVE-2021-25061 — CVSS 5.4 (medium): The WP Booking System WordPress plugin before 2.0.15 was affected by a reflected xss in wp-booking-system on the wpbs-calendars admin page.