cleantalk
Vulnerabilities and Security Researches

WP Time Slots Booking Form, CVE-2022-0389

CVE, Research URL

CVE-2022-0389

Home page URL

Security reports for WP Time Slots Booking Form

Application

WP Time Slots Booking Form

Published on
Mar 07, 2022
Research Description
The WP Time Slots Booking Form WordPress plugin before 1.1.63 does not sanitise and escape Calendar names, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Affected versions
max 1.1.63.
Status
vulnerable
Previous vulnerability researches
WP Time Slots Booking Form (CVE-2023-23895) , Jun 10, 2024
WP Time Slots Booking Form (CVE-2026-32432) , Mar 29, 2026
WP Time Slots Booking Form (CVE-2022-41790) , Jun 07, 2024
WP Time Slots Booking Form (CVE-2023-23971) , Jun 07, 2024
WP Time Slots Booking Form (CVE-2022-0389) , Jun 07, 2024
New vulnerability
Customizable WordPress Gallery Plugin – Modula Image Gallery (CVE-2026-39481) , May 02, 2026
WP Meta and Date Remover (CVE-2024-13362) , May 02, 2026
Music Player for Elementor – Audio Player & Podcast Player (CVE-2024-13362) , May 02, 2026
Remove Add to Cart WooCommerce (CVE-2024-13362) , May 02, 2026
EazyDocs – Most Powerful Knowledge base, wiki, Documentation Builder Plugin (easy docs, knowledgebase) (CVE-2024-13362) , May 02, 2026