Codepeople Appointment Hour Booking – Booking Calendar
4 CVEs affecting Codepeople Appointment Hour Booking – Booking Calendar. Latest disclosed: 2026-01-28. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-4035 | High | 7.2 | 2022-11-29 | The Appointment Hour Booking plugin for WordPress is vulnerable to iFrame Injection via the ‘email’ or general field parameters in versions up to, and includin… |
CVE-2022-4034 | Medium | 5.8 | 2022-11-29 | The Appointment Hour Booking Plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.3.72. This makes it possible for unauthent… |
CVE-2022-4036 | Medium | 5.3 | 2022-11-29 | The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA bypass in versions up to, and including, 1.3.72. This is due to the use of insuffici… |
CVE-2026-1083 | Medium | 4.4 | 2026-01-28 | The Appointment Hour Booking – Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via form field configuration parameters in al… |