WPBookit
Iqonic Design
Developer
1.0.9
Latest version
10
Installations
No date
Last updated
Vulnerability history
2 present
12 patched
10 Mitigation rules
- Unauthenticated Stored Cross-Site Scripting via 'wpb_user_name' and 'wpb_user_email' Parameters vulnerability<= 1.0.805/03/2026
- Missing Authorization to Unauthenticated Sensitive Customer Data Exposure vulnerability<= 1.0.803/03/2026
- Customer Deletion via CSRF vulnerability<= 1.0.702/01/2026
- Insecure Direct Object Reference to Unauthenticated Privilege Escalation via Email Update vulnerability<= 1.0.231/12/2025
- Unauthenticated Stored Cross-Site Scripting vulnerability<= 1.0.624/11/2025
- Unauthenticated Arbitrary File Upload via image_upload_handle Function vulnerability<= 1.0.623/07/2025
- Authenticated (Subscriber+) Arbitrary File Upload vulnerability<= 1.0.411/07/2025
- Unauthenticated Arbitrary File Upload vulnerability<= 1.0.411/07/2025
- Insecure Direct Object Reference to Unauthenticated Privilege Escalation via Account Takeover vulnerability<= 1.0.208/05/2025
- Broken Access Control vulnerability<= 1.0.704/04/2025
- Cross Site Request Forgery (CSRF) Vulnerability<= 1.0.109/03/2025
- Unauthenticated Arbitrary File Upload vulnerability<= 1.6.927/01/2025
- Unauthenticated Arbitrary User Password Change vulnerability<= 1.6.409/01/2025
- SQL Injection vulnerability<= 1.6.011/12/2024