Wpsimplebookingcalendar Wp Simple Booking Calendar — known CVE vulnerabilities
Every CVE whose affected-product data names Wpsimplebookingcalendar Wp Simple Booking Calendar, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2021-24726 — CVSS 8.8 (high): The WP Simple Booking Calendar WordPress plugin before 2.0.6 did not escape, validate or sanitise the orderby parameter in its Search…
CVE-2024-8663 — CVSS 6.1 (medium): The WP Simple Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg &…