KiviCare
Iqonic Design
Developer
4.1.2
Latest version
2,000
Installations
No date
Last updated
Vulnerability history
0 present
13 patched
5 Mitigation rules
- SQL Injection vulnerability<= 3.6.16Feb 1, 2026
- WordPress KiviCare - Clinic & Patient Management System (EHR) plugin <= 3.6.15 - Missing Authorization to Unauthenticated Limited Arbitrary File Upload vulnerability<= 3.6.15Jan 23, 2026
- SQL Injection vulnerability<= 3.6.13Nov 27, 2025
- Authenticated (Doctor+) SQL Injection via 'u_id' Parameter vulnerability<= 3.6.7Feb 27, 2025
- Authenticated (Doctor/Receptionist+) SQL Injection vulnerability<= 3.6.4Dec 6, 2024
- Authenticated (Subscriber+) SQL Injection vulnerability<= 3.6.4Dec 6, 2024
- Unauthenticated SQL Injection vulnerability<= 3.6.4Dec 6, 2024
- Insecure Direct Object References (IDOR) vulnerability<= 3.6.6Jun 3, 2024
- Reflected Cross-Site Scripting vulnerability< 3.2.1Jun 22, 2023
- Subscriber+ Sensitive Information Disclosure vulnerability< 3.2.1Jun 22, 2023
- Subscriber+ Unauthorised AJAX Calls vulnerability< 3.2.1Jun 22, 2023
- Multiple CSRF vulnerability< 3.2.1Jun 22, 2023
- Unauthenticated SQL Injection (SQLi) vulnerability<= 2.3.8May 23, 2022