cleantalk
Vulnerabilities and Security Researches

Booking Calendar Contact Form, CVE-2023-36384

CVE, Research URL

CVE-2023-36384

Home page URL

Security reports for Booking Calendar Contact Form

Application

Booking Calendar Contact Form

Published on
Jul 18, 2023
Research Description
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CodePeople Booking Calendar Contact Form plugin <= 1.2.40 versions.
Affected versions
Min -, max 1.2.41.
Status
vulnerable
Previous vulnerability researches
Booking Calendar Contact Form (CVE-2025-48231) , Jul 06, 2025
Booking Calendar Contact Form (CVE-2025-24723) , Jan 26, 2025
Booking Calendar Contact Form (CVE-2016-10908) , Jun 06, 2024
Booking Calendar Contact Form (CVE-2016-10909) , Jun 06, 2024
Booking Calendar Contact Form (CVE-2023-25037) , Jun 10, 2024
New vulnerability
MyRewards &#8211; Loyalty Points and Rewards for WooCommerce &#8211; Reward orders, referrals, product reviews and more (CVE-2025-24757) , Jul 06, 2025
File Manager (CVE-2025-27358) , Jul 06, 2025
Booking Calendar Contact Form (CVE-2025-48231) , Jul 06, 2025
NGG Smart Image Search (CVE-2025-52832) , Jul 05, 2025
(Simply) Guest Author Name (CVE-2025-24764) , Jul 05, 2025