cleantalk
Vulnerabilities and Security Researches

WP Booking Calendar, CVE-2022-33177

CVE, Research URL

CVE-2022-33177

Home page URL

Security reports for WP Booking Calendar

Application

WP Booking Calendar

Published on
Sep 06, 2022
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in WPdevelop/Oplugins Booking Calendar plugin <= 9.2.1 at WordPress leading to Translations Update.
Affected versions
Min -, max 4.1.6.
Status
vulnerable
Previous vulnerability researches
Booking Weir (2e61817c8a383fba887267b21f5423e453a335d3) , Jun 07, 2024
Booking Calendar &#8211; Clockwork SMS (CVE-2017-17780) , Jun 07, 2024
Booking Calendar &#8211; Clockwork SMS (CVE-2017-18555) , Jun 07, 2024
WP Booking (CVE-2024-35297) , Jun 07, 2024
Simple Booking &#8211; Widget (CVE-2024-54433) , Dec 18, 2024
New vulnerability
User Profile Builder &#8211; Beautiful User Registration Forms, User Profiles &amp; User Role Editor (CVE-2024-6708) , May 19, 2025
Maspik &#8211; Spam Blacklist (CVE-2024-9182) , May 19, 2025
Page Builder: Pagelayer &#8211; Drag and Drop website builder (CVE-2024-8426) , May 19, 2025
Page Builder: Pagelayer &#8211; Drag and Drop website builder (CVE-2024-8618) , May 19, 2025
EventPrime – Events Calendar, Bookings and Tickets (CVE-2024-4665) , May 19, 2025