cleantalk
Vulnerabilities and Security Researches

Booking Calendar Contact Form, CVE-2016-10909

CVE, Research URL

CVE-2016-10909

Home page URL

Security reports for Booking Calendar Contact Form

Application

Booking Calendar Contact Form

Published on
Aug 21, 2019
Research Description
The booking-calendar-contact-form plugin before 1.0.24 for WordPress has SQL injection.
Affected versions
max 1.2.35.
Status
vulnerable
Previous vulnerability researches
Booking Calendar Contact Form (CVE-2025-48231) , Jul 06, 2025
Booking Calendar Contact Form (CVE-2025-24723) , Jan 26, 2025
Booking Calendar Contact Form (CVE-2016-10908) , Jun 06, 2024
Booking Calendar Contact Form (CVE-2016-10909) , Jun 06, 2024
Booking Calendar Contact Form (CVE-2023-25037) , Jun 10, 2024
New vulnerability
FileBird – WordPress Media Library Folders & File Manager (CVE-2025-11510) , Oct 29, 2025
WordPress Webinar Plugin – WebinarPress (CVE-2025-62972) , Oct 29, 2025
Genealogical Tree – WordPress Family Tree (CVE-2025-58023) , Oct 12, 2025
WPB Quick View Popup for WooCommerce – Display Product Informations in Popup on Button Click (CVE-2025-57967) , Oct 12, 2025
Mixtape (CVE-2025-9860) , Oct 12, 2025