Filtered by vendor Pinpoint
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-0220 | 1 Pinpoint | 1 Pinpoint Booking System | 2023-02-15 | N/A | 8.8 HIGH |
| The Pinpoint Booking System WordPress plugin before 2.9.9.2.9 does not validate and escape one of its shortcode attributes before using it in a SQL statement, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks. | |||||
| CVE-2015-9460 | 1 Pinpoint | 1 Pinpoint Booking System | 2019-10-15 | 6.5 MEDIUM | 8.8 HIGH |
| The booking-system plugin before 2.1 for WordPress has DOPBSPBackEndTranslation::display SQL injection via the language parameter. | |||||