ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Booking Calendar Contact Form Plugin 1.0.23 - Multiple Vulnerabilities

Product
Booking Calendar Contact Form
Description
This plugin is prone to multiple vulnerabilities, such as unauthenticated blind SQL injection, privilege escalation and stored XSS vulnerabilities.
Solution
Upgrade the plugin.
Classification
Type Multi
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 1.0.23
Fixed In 1.0.24
Disclosure date
2016-02-08
Credits
i0akiN SEC-LABORATORY