VDB

CISA-2023-23991

CISA-2023-23991 PUBLISHED CVSS 7.6 HIGH

Reported by Patchstack · Published March 26, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPdevelop / Oplugins Booking Calendar allows SQL Injection.This issue affects Booking Calendar: from n/a through 9.4.3.

Risk Scores

CVSS 3.1
7.6
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L

Affected Products

VendorProductVersions
WPdevelop / OpluginsBooking Calendarn/a
WPdevelop / OpluginsBooking Calendarn/a, n/a

Timeline

  • Mar 26, 2024 CVE Published
  • Aug 2, 2024 CVE Updated

References

  • vdb-entry
Open in Interactive Console →
$ Console Community · 100/wk Open console ›