Known Vulnerabilities for products from Dwbooster
Listed below are 17 of the newest known vulnerabilities associated with the vendor "Dwbooster".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-41732 json | Cross-Site Request Forgery (CSRF) vulnerability in CodePeople CP Blocks plugin <= 1.0.20 versions. | 8.8 - HIGH | 2023-10-06 | 2023-10-10 |
| CVE-2023-6446 json | The Calculated Fields Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versio... | Not Provided | 2024-01-11 | 2026-04-08 |
| CVE-2022-41692 json | Missing Authorization vulnerability in Appointment Hour Booking plugin <= 1.3.71 on WordPress. | 8.8 - HIGH | 2022-11-18 | 2022-11-21 |
| CVE-2022-4036 json | The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA bypass in versions up to, and including, 1.3.72. T... | Not Provided | 2022-11-29 | 2026-04-08 |
| CVE-2022-4035 json | The Appointment Hour Booking plugin for WordPress is vulnerable to iFrame Injection via the ‘email’ or general field para... | Not Provided | 2022-11-29 | 2026-04-08 |
| CVE-2022-4034 json | The Appointment Hour Booking Plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.3.72. Th... | Not Provided | 2022-11-29 | 2026-04-08 |
| CVE-2022-3427 json | The Corner Ad plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.56. This... | Not Provided | 2022-12-15 | 2026-04-08 |
| CVE-2022-2846 json | The Calendar Event Multi View WordPress plugin before 1.4.07 does not have any authorisation and CSRF checks in place when cr... | 4.3 - MEDIUM | 2022-08-16 | 2023-04-05 |
| CVE-2022-2169 json | The Loading Page with Loading Screen WordPress plugin before 1.0.83 does not escape its settings, allowing high privilege use... | 4.8 - MEDIUM | 2022-07-17 | 2022-07-18 |
| CVE-2022-1710 json | The Appointment Hour Booking WordPress plugin before 1.3.56 does not sanitise and escape a settings of its Calendar fields, w... | 4.8 - MEDIUM | 2022-06-13 | 2022-06-17 |
| CVE-2022-1692 json | The CP Image Store with Slideshow WordPress plugin before 1.0.68 does not sanitise and escape the ordering_by query parameter... | 9.8 - CRITICAL | 2022-06-08 | 2022-06-15 |
| CVE-2022-0448 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 4.8 - MEDIUM | 2022-03-07 | 2022-03-11 |
| CVE-2021-24712 json | The Appointment Hour Booking WordPress plugin before 1.3.17 does not properly sanitize values used when creating new calendar... | 5.4 - MEDIUM | 2021-10-11 | 2021-10-15 |
| CVE-2021-24673 json | The Appointment Hour Booking WordPress plugin before 1.3.16 does not escape some of the Calendar Form settings, allowing high... | 4.8 - MEDIUM | 2021-10-04 | 2021-10-08 |
| CVE-2021-24498 json | The Calendar Event Multi View WordPress plugin before 1.4.01 does not sanitise or escape the 'start' and 'end' GET parameters... | 6.1 - MEDIUM | 2021-08-02 | 2021-08-10 |
| CVE-2019-13505 json | The Appointment Hour Booking plugin 1.1.44 for WordPress allows XSS via the E-mail field, as demonstrated by email_1. | 6.1 - MEDIUM | 2019-07-11 | 2023-01-30 |
| CVE-2017-18579 json | The corner-ad plugin before 1.0.8 for WordPress has XSS. | 6.1 - MEDIUM | 2019-08-22 | 2019-08-29 |
Known software with vulnerabilities from Dwbooster
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Dwbooster | Appointment Hour Booking | 1.0.02 |
| Application | Dwbooster | Corner Ad | 1.0 |