Codepeople Booking Calendar Contact Form
6 CVEs affecting Codepeople Booking Calendar Contact Form. Latest disclosed: 2026-04-24. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-36384 | High | 7.1 | 2023-07-18 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CodePeople Booking Calendar Contact Form plugin <= 1.2.40 versions. |
CVE-2025-48231 | Medium | 6.5 | 2025-07-04 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codepeople Booking Calendar Contact Form booking-calendar… |
CVE-2025-24723 | Medium | 5.9 | 2025-01-24 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codepeople Booking Calendar Contact Form booking-calendar… |
CVE-2026-6810 | Medium | 5.3 | 2026-04-24 | The Booking Calendar Contact Form plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.63 via the d… |
CVE-2025-13318 | Medium | 5.3 | 2025-11-22 | The Booking Calendar Contact Form plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.2.60. This is due to miss… |
CVE-2023-25037 | Medium | 4.3 | 2024-12-09 | Missing Authorization vulnerability in CodePeople Booking Calendar Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This is… |