No patched version is available. No reply from the vendor.
minhtuanact discovered and reported this SQL Injection vulnerability in WordPress Advanced Booking Calendar Plugin. This could allow a malicious actor to directly interact with your database, including but not limited to stealing information. This vulnerability has not been known to be fixed yet.
Multiple CrossSite Scripting (CSRF) vulnerabilities
01.12.2022
Unauthenticated SQL Injection (SQLi) vulnerability
28.02.2022
Authenticated Reflected CrossSite Scripting (XSS) vulnerability
30.03.2021
Unauthenticated SQL Injection (SQLi) vulnerability
22.10.2020