CVE-2025-26910

Medium CVSS: 6.1

Cross-Site Request Forgery (CSRF) vulnerability in Iqonic Design WPBookit wpbookit allows Stored XSS.This issue affects WPBookit: from n/a through <= 1.0.1.

Vendor

Iqonic

Product

Wpbookit

CWE

CWE-352

Yayın Tarihi

2025-03-10 15:15:37

Güncelleme

2026-04-01 17:19:08

Source Identifier

audit@patchstack.com

KEV Date Added

Kategoriler

CWE-352 Wpbookit MEDIUM Iqonic 2025

Referanslar

https://patchstack.com/database/Wordpress/Plugin/wpbookit/vulnerability/wordpress-wpbookit-plugin-1-0-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Benzer Kayıtlar

Critical

CVE-2025-6058

The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ima…

High

CVE-2025-6057

The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the han…

Critical

CVE-2025-3810

The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and…

Critical

CVE-2025-3811

The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and…

Medium

CVE-2025-32254

Missing Authorization vulnerability in Iqonic Design WPBookit wpbookit allows Accessing Functionality Not Properly Const…

Medium

CVE-2025-1572

The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL Injection via the ‘u_i…