iqonicdesign
Enterprise Softwarecommercial
Latest CVEs
The 15 most recently published vulnerabilities affecting iqonicdesign.
- CVE-2026-15072KiviCare <= 4.5.0 - Authenticated (Doctor+) SQL Injection via 'orderby' Parameter in KCQueryBuilder6.5
- CVE-2026-15073KiviCare <= 4.5.0 - Authenticated (Doctor+) SQL Injection via 'orderby' Parameter in DoctorSessionController6.5
- CVE-2026-11990KiviCare <= 4.4.0 - Missing Authorization to Unauthenticated Payment Bypass and Appointment Status Manipulation via /payment-success REST Endpoint5.3
- CVE-2026-25414WordPress WPBookit Pro plugin <= 1.6.18 - Privilege Escalation vulnerability8.8
- CVE-2026-25413WordPress WPBookit Pro plugin <= 1.6.18 - Arbitrary File Upload vulnerability9.9
- CVE-2026-2992KiviCare <= 4.1.2 - Missing Authorization to Unauthenticated Privilege Escalation via Setup Wizard8.2
- CVE-2026-2991KiviCare – Clinic & Patient Management System (EHR) <= 4.1.2 - Unauthenticated Authentication Bypass via Social Login Token7.3
- CVE-2026-1980WPBookit <= 1.0.8 - Missing Authorization to Unauthenticated Sensitive Customer Data Exposure5.3
- CVE-2026-1945WPBookit <= 1.0.8 - Unauthenticated Stored Cross-Site Scripting via 'wpb_user_name' and 'wpb_user_email' Parameters7.2
- CVE-2026-25415WordPress WPBookit Pro plugin <= 1.6.18 - Broken Access Control vulnerability5.3
- CVE-2026-0927KiviCare – Clinic & Patient Management System (EHR) <= 3.6.15 - Missing Authorization to Unauthenticated Limited Arbitrary File Upload5.3
- CVE-2025-12135WPBookit <= 1.0.6 - Unauthenticated Stored Cross-Site Scripting7.2
- CVE-2025-11820Graphina – Elementor Charts and Graphs <= 3.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Chart Widgets6.4
- CVE-2025-8867Graphina - Elementor Charts and Graphs <= 3.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting6.4
- CVE-2025-7852WPBookit <= 1.0.6 - Unauthenticated Arbitrary File Upload via image_upload_handle Function9.8