Vulnerabilities and security researches forbooking-calendar-contact-form booking-calendar-contact-form

Jun 06, 2024

CVE, Research URL: CVE-2016-10908
Home page URL: Security reports for Booking Calendar Contact Form
Application: Booking Calendar Contact Form
Date: Aug 21, 2019
Research Description: The booking-calendar-contact-form plugin before 1.0.24 for WordPress has XSS.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2016-10909
Home page URL: Security reports for Booking Calendar Contact Form
Application: Booking Calendar Contact Form
Date: Aug 21, 2019
Research Description: The booking-calendar-contact-form plugin before 1.0.24 for WordPress has SQL injection.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2023-36384
Home page URL: Security reports for Booking Calendar Contact Form
Application: Booking Calendar Contact Form
Date: Jul 18, 2023
Research Description: Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CodePeople Booking Calendar Contact Form plugin <= 1.2.40 versions.
Affected versions: Min -, max -.
Status: vulnerable

Jun 10, 2024

CVE, Research URL: CVE-2023-25037
Home page URL: Security reports for Booking Calendar Contact Form
Application: Booking Calendar Contact Form
Date: Dec 09, 2024
Research Description: Missing Authorization vulnerability in CodePeople Booking Calendar Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking Calendar Contact Form: from n/a through 1.2.34.
Affected versions: Min -, max -.
Status: vulnerable

Jan 26, 2025

CVE, Research URL: CVE-2025-24723
Home page URL: Security reports for Booking Calendar Contact Form
Application: Booking Calendar Contact Form
Date: Jan 24, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodePeople Booking Calendar Contact Form allows Stored XSS. This issue affects Booking Calendar Contact Form: from n/a through 1.2.55.
Affected versions: Min -, max -.
Status: vulnerable

Jul 06, 2025

CVE, Research URL: CVE-2025-48231
Home page URL: Security reports for Booking Calendar Contact Form
Application: Booking Calendar Contact Form
Date: Jul 04, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codepeople Booking Calendar Contact Form allows Stored XSS. This issue affects Booking Calendar Contact Form: from n/a through 1.2.58.
Affected versions: Min -, max -.
Status: vulnerable