Reputeinfosystems Bookingpress
14 CVEs affecting Reputeinfosystems Bookingpress. Latest disclosed: 2025-04-01. Critical: 1, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-0739 | Critical | 9.8 | 2022-03-21 | The BookingPress WordPress plugin before 1.0.11 fails to properly sanitize user supplied POST data before it is used in a dynamically constructed SQL query via… |
CVE-2024-6660 | High | 8.8 | 2024-07-17 | The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress is vulnerable to unauthorized modification of data tha… |
CVE-2024-6467 | High | 8.8 | 2024-07-17 | The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress is vulnerable to Arbitrary File Read to Arbitrary File… |
CVE-2023-50841 | High | 8.5 | 2023-12-28 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Repute Infosystems BookingPress – Appointment Booking Cal… |
CVE-2023-51405 | High | 8.2 | 2024-04-24 | Improper Authentication vulnerability in Repute Infosystems BookingPress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Boo… |
CVE-2025-31910 | High | 7.6 | 2025-04-01 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in reputeinfosystems BookingPress bookingpress-appointment-b… |
CVE-2024-3022 | High | 7.2 | 2024-04-04 | The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient filename validation in the 'bookingpress_process_upload' func… |
CVE-2023-6219 | High | 7.2 | 2023-11-28 | The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'bookingpress_process_upload' function… |
CVE-2025-24732 | Medium | 6.5 | 2025-01-24 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reputeinfosystems BookingPress bookingpress-appointment-b… |
CVE-2024-34799 | Medium | 6.5 | 2024-06-11 | Missing Authorization vulnerability in Repute Infosystems BookingPress.This issue affects BookingPress: from n/a through 1.0.82. |
CVE-2024-10540 | Medium | 5.3 | 2024-11-02 | The Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress plugin for WordPress is vulnerable to SQL Injection via the 'service' parameter of… |
CVE-2023-36507 | Medium | 5.3 | 2023-11-30 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Sc… |
CVE-2022-4340 | Medium | 5.3 | 2023-01-02 | The BookingPress WordPress plugin before 1.0.31 suffers from an Insecure Direct Object Reference (IDOR) vulnerability in it's thank you page, allowing any visi… |
CVE-2024-31296 | Medium | 4.3 | 2024-04-07 | Authorization Bypass Through User-Controlled Key vulnerability in Repute Infosystems BookingPress.This issue affects BookingPress: from n/a through 1.0.81. |