KiviCare
Iqonic Design
Developer
4.3.0
Latest version
2,000
Installations
No date
Last updated
Vulnerability history
0 present
17 patched
9 Mitigation rules
- Reflected Cross Site Scripting (XSS) vulnerability<= 3.6.1623/03/2026
- Broken Access Control vulnerability<= 3.6.1623/03/2026
- WordPress KiviCare - Clinic & Patient Management System (EHR) plugin <= 4.1.2 - Unauthenticated Authentication Bypass via Social Login Token vulnerability<= 4.1.220/03/2026
- Missing Authorization to Unauthenticated Privilege Escalation via Setup Wizard vulnerability<= 4.1.220/03/2026
- SQL Injection vulnerability<= 3.6.1601/02/2026
- WordPress KiviCare - Clinic & Patient Management System (EHR) plugin <= 3.6.15 - Missing Authorization to Unauthenticated Limited Arbitrary File Upload vulnerability<= 3.6.1523/01/2026
- SQL Injection vulnerability<= 3.6.1327/11/2025
- Authenticated (Doctor+) SQL Injection via 'u_id' Parameter vulnerability<= 3.6.727/02/2025
- Authenticated (Doctor/Receptionist+) SQL Injection vulnerability<= 3.6.406/12/2024
- Authenticated (Subscriber+) SQL Injection vulnerability<= 3.6.406/12/2024
- Unauthenticated SQL Injection vulnerability<= 3.6.406/12/2024
- Insecure Direct Object References (IDOR) vulnerability<= 3.6.603/06/2024
- Reflected Cross-Site Scripting vulnerability< 3.2.122/06/2023
- Subscriber+ Sensitive Information Disclosure vulnerability< 3.2.122/06/2023
- Subscriber+ Unauthorised AJAX Calls vulnerability< 3.2.122/06/2023
- Multiple CSRF vulnerability< 3.2.122/06/2023
- Unauthenticated SQL Injection (SQLi) vulnerability<= 2.3.823/05/2022