Filtered by vendor Boxystudio
Subscriptions
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-36399 | 1 Boxystudio | 1 Booked | 2024-01-04 | 7.5 High |
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BoxyStudio Booked - Appointment Booking for WordPress | Calendars.This issue affects Booked - Appointment Booking for WordPress | Calendars: from n/a before 2.4.4. | ||||
CVE-2022-3900 | 1 Boxystudio | 1 Cooked | 2023-11-07 | 9.8 Critical |
The Cooked Pro WordPress plugin before 1.7.5.7 does not properly validate or sanitize the recipe_args parameter before unserializing it in the cooked_loadmore action, allowing an unauthenticated attacker to trigger a PHP Object injection vulnerability. | ||||
CVE-2023-44477 | 1 Boxystudio | 1 Cooked | 2023-10-03 | 5.4 Medium |
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Boxy Studio Cooked plugin <= 1.7.13 versions. | ||||
CVE-2021-24233 | 1 Boxystudio | 1 Cooked | 2021-04-29 | 6.1 Medium |
The Cooked Pro WordPress plugin before 1.7.5.6 was affected by unauthenticated reflected Cross-Site Scripting issues, due to improper sanitisation of user input while being output back in pages as an arbitrary attribute. |
Page 1 of 1.