Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin 1.0.11

  • Severity: critical
  • Status: Open
  • Publication: February 28, 2022

The BookingPress WordPress plugin had a problem before version 1.0.11 which could have allowed unauthenticated users to inject malicious code into a database. This code could have been used to access sensitive information or cause damage. The problem was caused by the plugin not properly checking user supplied data before it was used in a query.

Detected in:

Appointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress fixed vulnerable versions:
Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress fixed vulnerable versions:
BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin open vulnerable versions: >= * < 1.0.11

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.