BookingPress

Authenticated (Subscriber+) SQL Injection vulnerability <= 1.1.16

1.1.7 Authentication Bypass to Account Takeover vulnerability 1.1.6 - 1.1.7

Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update and Arbitrary File Upload vulnerability <= 1.1.5

Authenticated (Subscriber+) Arbitrary File Read to Arbitrary File Creation vulnerability <= 1.1.5

Appointment Duration Manipulation vulnerability <= 1.0.82