Amelia
ameliabooking
Developer
1.2.38
Latest version
90,000
Installations
12 hours ago
Last updated
Vulnerability history
0 present
21 fixed
9 Mitigation rules
- WordPress Amelia plugin - 1.2.18-1.2.36 - Unauthenticated Sensitive Information Exposure vulnerability1.2.18-1.2.36Nov 18, 2025
- Unauthenticated SQL Injection via search vulnerability<= 1.2.35Nov 17, 2025
- Unauthenticated Full Path Disclosure vulnerability<= 1.2.19Mar 27, 2025
- Insecure Direct Object References (IDOR) vulnerability<= 1.2.16Feb 23, 2025
- Missing Authorization to Sensitive Information Exposure vulnerability<= 1.2.4Sep 5, 2024
- Unauthenticated Full Path Disclosure vulnerability<= 1.2Aug 8, 2024
- Malicious Polyfill.io Embed vulnerability<= 1.1.8Jul 3, 2024
- Authenticated Stored Cross-Site Scripting vulnerability<= 1.1.5Jun 20, 2024
- Cross Site Request Forgery (CSRF) vulnerability<= 1.0.95Apr 10, 2024
- Reflected Cross-Site Scripting vulnerability<= 1.0.98Mar 1, 2024
- Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode vulnerability<= 1.0.93Jan 19, 2024
- Broken Access Control vulnerability<= 1.0.98Jan 17, 2024
- Cross Site Scripting (XSS) vulnerability<= 1.0.85Dec 22, 2023
- Cross Site Scripting (XSS) vulnerability<= 1.0.75Apr 6, 2023
- SMS Service Abuse and Sensitive Data Disclosure vulnerability<= 1.0.47Mar 14, 2022
- Arbitrary Appointments Status Update vulnerability<= 1.0.48Mar 14, 2022
- Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability<= 1.0.46Mar 2, 2022
- Arbitrary Appointments Update and Sensitive Data Disclosure vulnerability<= 1.0.46Mar 1, 2022
- Remote Code Execution (RCE) vulnerability<= 1.0.45Feb 23, 2022
- Arbitrary Customer Deletion via Cross-Site Request Forgery (CSRF) vulnerability<= 1.0.45Feb 23, 2022
- Reflected Cross-Site Scripting (XSS) vulnerability<= 1.0.45Feb 23, 2022