Known Vulnerabilities for products from Codepeople
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Codepeople".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-32483 | Not Provided | 2026-03-25 | 2026-03-26 | |
| CVE-2026-25465 | Not Provided | 2026-03-25 | 2026-03-25 | |
| CVE-2025-68850 | Not Provided | 2026-01-05 | 2026-04-01 | |
| CVE-2025-68569 | Not Provided | 2025-12-24 | 2026-04-01 | |
| CVE-2025-58009 | Not Provided | 2025-09-22 | 2026-04-01 | |
| CVE-2025-50025 | Not Provided | 2025-06-20 | 2026-04-01 | |
| CVE-2025-49332 | Not Provided | 2025-06-06 | 2026-04-01 | |
| CVE-2025-49291 | Cross-Site Request Forgery (CSRF) vulnerability in codepeople Calculated Fields Form calculated-fields-form allows Cross Site... | Not Provided | 2025-06-06 | 2026-04-01 |
| CVE-2025-48231 | Not Provided | 2025-07-04 | 2026-04-01 | |
| CVE-2025-47472 | Not Provided | 2025-05-07 | 2026-04-01 | |
| CVE-2025-46247 | Missing Authorization vulnerability in codepeople Appointment Booking Calendar appointment-booking-calendar allows Accessing ... | Not Provided | 2025-04-22 | 2026-04-01 |
| CVE-2025-46241 | Cross-Site Request Forgery (CSRF) vulnerability in codepeople Appointment Booking Calendar appointment-booking-calendar allow... | Not Provided | 2025-04-22 | 2026-04-01 |
| CVE-2025-24727 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codepeople Contact Form... | Not Provided | 2025-01-24 | 2026-04-01 |
| CVE-2022-0389 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 4.8 - MEDIUM | 2022-03-07 | 2022-03-11 |
| CVE-2021-42361 | The Contact Form Email WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and... | 4.8 - MEDIUM | 2021-11-17 | 2021-11-18 |
| CVE-2020-9372 | The Appointment Booking Calendar plugin before 1.3.35 for WordPress allows user input (in fields such as Description or Name)... | 7.8 - HIGH | 2020-03-04 | 2022-01-01 |
| CVE-2020-9371 | Stored XSS exists in the Appointment Booking Calendar plugin before 1.3.35 for WordPress. In the cpabc_appointments.php file,... | 4.8 - MEDIUM | 2020-03-04 | 2022-10-06 |
| CVE-2020-7228 | The Calculated Fields Form plugin through 1.0.353 for WordPress suffers from multiple Stored XSS vulnerabilities present in t... | 5.4 - MEDIUM | 2020-01-22 | 2020-01-24 |
| CVE-2019-14791 | The Appointment Booking Calendar plugin 1.3.18 for WordPress allows XSS via the wp-admin/admin-post.php editionarea parameter... | 6.1 - MEDIUM | 2019-08-09 | 2019-08-14 |
| CVE-2019-14785 | The "CP Contact Form with PayPal" plugin before 1.2.99 for WordPress has XSS in the publishing wizard via the wp-admin/admin.... | 5.4 - MEDIUM | 2019-08-09 | 2019-08-15 |
Known software with vulnerabilities from Codepeople
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Codepeople | Appointment Booking Calendar | 1.0.1 |
| Application | Codepeople | Booking Calendar Contact Form | 1.0.1 |
| Application | Codepeople | Calculated Fields Form | 1.0.346 |
| Application | Codepeople | Com Multicalendar | 4.0.2 |
| Application | Codepeople | Contact Form Email | 1.0.1 |
| Application | Codepeople | Cp Contact Form With Paypal | - |
| Application | Codepeople | Payment Form For Paypal Pro | 1.0.1 |
| Application | Codepeople | Polls Cp | 1.0.1 |
| Application | Codepeople | Sell Downloads | 1.0 |