The WP Booking Calendar tool used for WordPress has a security flaw where hackers can insert harmful code through the admin settings. This can only happen if the attacker has high-level access and is logged in as an administrator. If successful, the code will run whenever someone visits the affected page. This issue only affects websites with multiple installations and those that have restricted certain types of code.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
© Really Simple Plugins
CoC 70461155
Kalmarweg 14-5
9723 JG, Groningen (NL)
