No patched version is available. No reply from the vendor.
minhtuanact discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress Advanced Booking Calendar Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. This vulnerability has not been known to be fixed yet.
Unauth. SQL Injection (SQLi) vulnerability
02.12.2022
Unauthenticated SQL Injection (SQLi) vulnerability
28.02.2022
Authenticated Reflected CrossSite Scripting (XSS) vulnerability
30.03.2021
Unauthenticated SQL Injection (SQLi) vulnerability
22.10.2020