cleantalk
Vulnerabilities and Security Researches

Booking for Appointments and Events Calendar – Amelia, CVE-2022-0627

CVE, Research URL

CVE-2022-0627

Home page URL

Security reports for Booking for Appointments and Events Calendar – Amelia

Application

Booking for Appointments and Events Calendar – Amelia

Published on
Mar 22, 2022
Research Description
The Amelia WordPress plugin before 1.0.47 does not sanitize and escape the code parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.
Affected versions
Min -, max 1.0.47.
Status
vulnerable
Previous vulnerability researches
Booking for Appointments and Events Calendar – Amelia (CVE-2024-22298) , Jun 10, 2024
Booking for Appointments and Events Calendar – Amelia (CVE-2024-6225) , Jun 22, 2024
Booking for Appointments and Events Calendar – Amelia (CVE-2022-0616) , Jun 07, 2024
Booking for Appointments and Events Calendar – Amelia (CVE-2022-0687) , Jun 07, 2024
Booking for Appointments and Events Calendar – Amelia (CVE-2022-0720) , Jun 07, 2024
New vulnerability
Big Boom Directory (CVE-2024-13673) , Apr 04, 2025
LuckyWP Table of Contents (CVE-2025-2299) , Apr 04, 2025
Customizable WordPress Gallery Plugin – Modula Image Gallery (CVE-2024-9416) , Apr 04, 2025
Contact Form vCard Generator (CVE-2025-31582) , Apr 04, 2025
Unlimited Elements For Elementor (Free Widgets, Addons, Templates) (CVE-2025-1663) , Apr 04, 2025