Booking Calendar
wpdevelop
Developer
10.14.8
Latest version
50,000
Installations
Nov 10, 2025
Last updated
Vulnerability history
0 present
21 fixed
6 Mitigation rules
- Cross Site Scripting (XSS) vulnerability<= 10.14.75 days ago
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 10.14.1Aug 27, 2025
- Authenticated (Contributor+) Stored Cross-Site Scripting via wpbc Shortcode vulnerability<= 10.11.1May 16, 2025
- Unauthenticated Post-Confirmation Booking Manipulation vulnerability<= 10.10Feb 11, 2025
- Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'booking' Shortcode vulnerability<= 10.9.2Jan 13, 2025
- Admin+ Stored XSS vulnerability< 10.6.3Nov 7, 2024
- Authenticated (Admin+) Stored Cross-Site Scripting vulnerability<= 10.6Oct 4, 2024
- Reflected Cross-Site Scripting vulnerability<= 10.5Aug 30, 2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via bookingform Shortcode vulnerability<= 10.2.1Jul 24, 2024
- Unauthenticated SQL Injection vulnerability<= 9.9Feb 7, 2024
- Cross Site Scripting (XSS) vulnerability< 9.7.4Dec 27, 2023
- Unauthenticated Stored Cross-Site Scripting vulnerability<= 9.7.3Oct 17, 2023
- SQL Injection<= 9.4.3Jan 20, 2023
- Cross-Site Request Forgery (CSRF) leading to Translations Update<= 9.2.1Sep 6, 2022
- Insecure Deserialization/PHP Object Injection vulnerability<= 9.1Apr 27, 2022
- Reflected Cross-Site Scripting (XSS) vulnerability<= 8.9.1Dec 6, 2021
- SQL Injection (SQLi) vulnerability<= 8.4.5.14Feb 14, 2019
- Reflected Cross Site Scripting<= 6.2Aug 1, 2016
- SQL Injection (SQLi) vulnerability<= 6.2Aug 1, 2016
- SQL Injection<= 6.2Jul 14, 2016
- Cross-Site Request Forgery (CSRF) vulnerability<= 4.1.5Aug 1, 2014