wpdevart
Web & CMS Pluginscommercial
Latest CVEs
The 15 most recently published vulnerabilities affecting wpdevart.
- CVE-2026-24597WordPress Organization chart plugin <= 1.7.5 - Cross Site Request Forgery (CSRF) vulnerability4.3
- CVE-2022-50959WordPress Contact Form Builder 1.6.1 Cross-Site Scripting via code_generator.php6.1
- CVE-2026-25435WordPress Booking calendar, Appointment Booking System plugin <= 3.2.36 - Cross Site Scripting (XSS) vulnerability7.1
- CVE-2025-14555Countdown Timer - Widget Countdown <= 2.7.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode6.4
- CVE-2025-67574WordPress Booking calendar, Appointment Booking System plugin <= 3.2.30 - Broken Access Control vulnerability5.3
- CVE-2025-62886WordPress Pricing Table builder plugin <= 1.5.3 - Cross Site Request Forgery (CSRF) vulnerability7.1
- CVE-2025-2537Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via ThickBox JavaScript Library6.4
- CVE-2025-47443WordPress Widget Countdown plugin <= 2.7.4 - Cross Site Scripting (XSS) Vulnerability6.5
- CVE-2025-24719WordPress Widget Countdown plugin <= 2.7.1 - Cross Site Scripting (XSS) vulnerability6.5
- CVE-2024-12077Booking Calendar and Booking Calendar Pro <= Multiple Versions - Reflected Cross-Site Scripting via 'calendar_id'6.1
- CVE-2023-45631WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - Broken Access Control vulnerability4.3
- CVE-2024-10856Booking Calendar WpDevArt <= 3.2.19 - Authenticated (Contributor+) SQL Injection6.5
- CVE-2023-24407WordPress Booking calendar, Appointment Booking System plugin <= 3.2.3 - Broken Access Control vulnerability5.0
- CVE-2024-9504Booking calendar, Appointment Booking System <= 3.2.15 - Unauthenticated Stored Cross-Site Scripting via SVG File Upload7.2
- CVE-2024-7355Organization chart <= 1.5.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via title_input and node_description Parameters4.9