Availability booking calendar
This hub aggregates every CVE we track for Availability booking calendar, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
8
CVEs tracked
3
Critical
2
High
0
In CISA KEV
Severity distribution
CRITICAL3HIGH2MEDIUM2LOW1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 8 most recently published vulnerabilities affecting Availability booking calendar.
- CVE-2023-48831A lack of rate limiting in pjActionAJaxSend in Availability Booking Calendar 5.0 allows attackers to cause resource exhaustion.7.5
- CVE-2023-48825Availability Booking Calendar 5.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code.5.4
- CVE-2023-48207Availability Booking Calendar 5.0 allows CSV injection via the unique ID field in the Reservations list component.8.8
- CVE-2023-48208A Cross Site Scripting vulnerability in Availability Booking Calendar 5.0 allows an attacker to inject JavaScript via the name, plugin_sms_api_key, plugin_sms_country_code, uuid, title, or country ...6.1
- CVE-2023-4110PHP Jabbers Availability Booking Calendar index.php cross site scripting3.5
- CVE-2023-36132PHP Jabbers Availability Booking Calendar 5.0 is vulnerable to Incorrect Access Control.9.8
- CVE-2023-36133PHPJabbers Availability Booking Calendar 5.0 is vulnerable to User Account Takeover through username/password change.9.8
- CVE-2023-36131PHPJabbers Availability Booking Calendar 5.0 is vulnerable to Incorrect Access Control due to improper input validation of password parameter.9.8
Product normalization is registry-driven with AI assist and human review. How it works