Search
Find a vulnerability
Search criteria
6 vulnerabilities found for Booking Calendar Contact Form by dwbooster
CVE-2016-20070 (GCVE-0-2016-20070)
Vulnerability from nvd – Published: 2026-06-15 12:00 – Updated: 2026-06-15 16:01
VLAI
Title
WordPress Booking Calendar Contact Form 1.0.23 Privilege Escalation Stored XSS
Summary
WordPress Booking Calendar Contact Form 1.0.23 contains privilege escalation and stored cross-site scripting vulnerabilities that allow authenticated users to modify plugin options and inject malicious scripts by failing to verify user privileges and sanitize input parameters. Attackers with subscriber-level accounts can inject XSS payloads through parameters like price, name, calendar_language, and email_confirmation_to_user via admin-ajax.php and admin.php endpoints to execute arbitrary JavaScript in administrator browsers.
Severity
6.4 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/39423 | exploit |
| http://wordpress.dwbooster.com/ | product |
| https://www.vulncheck.com/advisories/wordpress-bo… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| dwbooster | Booking Calendar Contact Form |
Affected:
0 , ≤ 1.0.23
(semver)
|
Date Public
2016-02-08 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2016-20070",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-15T16:01:21.820123Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T16:01:33.068Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Booking Calendar Contact Form",
"vendor": "dwbooster",
"versions": [
{
"lessThanOrEqual": "1.0.23",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Joaquin Ramirez Martinez [ i0 SEC-LABORATORY ]"
}
],
"datePublic": "2016-02-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "WordPress Booking Calendar Contact Form 1.0.23 contains privilege escalation and stored cross-site scripting vulnerabilities that allow authenticated users to modify plugin options and inject malicious scripts by failing to verify user privileges and sanitize input parameters. Attackers with subscriber-level accounts can inject XSS payloads through parameters like price, name, calendar_language, and email_confirmation_to_user via admin-ajax.php and admin.php endpoints to execute arbitrary JavaScript in administrator browsers."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T12:00:40.261Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-39423",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/39423"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "http://wordpress.dwbooster.com/"
},
{
"name": "VulnCheck Advisory: WordPress Booking Calendar Contact Form 1.0.23 Privilege Escalation Stored XSS",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/wordpress-booking-calendar-contact-form-privilege-escalation-stored-xss"
}
],
"title": "WordPress Booking Calendar Contact Form 1.0.23 Privilege Escalation Stored XSS",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2016-20070",
"datePublished": "2026-06-15T12:00:40.261Z",
"dateReserved": "2026-06-14T18:28:28.113Z",
"dateUpdated": "2026-06-15T16:01:33.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2016-20069 (GCVE-0-2016-20069)
Vulnerability from nvd – Published: 2026-06-15 12:00 – Updated: 2026-06-15 19:24
VLAI
Title
WordPress Booking Calendar Contact Form 1.0.23 SQL Injection
Summary
WordPress Booking Calendar Contact Form 1.0.23 contains an unauthenticated blind SQL injection vulnerability in the shortcode function that fails to sanitize the calendar parameter before using it in database queries. Attackers can inject SQL commands through the calendar shortcode parameter to execute arbitrary SQL queries and extract sensitive database information.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/39423 | exploit |
| http://wordpress.dwbooster.com/ | product |
| https://www.vulncheck.com/advisories/wordpress-bo… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| dwbooster | Booking Calendar Contact Form |
Affected:
0 , ≤ 1.0.23
(semver)
|
Date Public
2016-02-08 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2016-20069",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-15T15:34:07.153143Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T19:24:44.517Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Booking Calendar Contact Form",
"vendor": "dwbooster",
"versions": [
{
"lessThanOrEqual": "1.0.23",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Joaquin Ramirez Martinez [ i0 SEC-LABORATORY ]"
}
],
"datePublic": "2016-02-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "WordPress Booking Calendar Contact Form 1.0.23 contains an unauthenticated blind SQL injection vulnerability in the shortcode function that fails to sanitize the calendar parameter before using it in database queries. Attackers can inject SQL commands through the calendar shortcode parameter to execute arbitrary SQL queries and extract sensitive database information."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T12:00:39.584Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-39423",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/39423"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "http://wordpress.dwbooster.com/"
},
{
"name": "VulnCheck Advisory: WordPress Booking Calendar Contact Form 1.0.23 SQL Injection",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/wordpress-booking-calendar-contact-form-sql-injection-2"
}
],
"title": "WordPress Booking Calendar Contact Form 1.0.23 SQL Injection",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2016-20069",
"datePublished": "2026-06-15T12:00:39.584Z",
"dateReserved": "2026-06-14T18:27:45.187Z",
"dateUpdated": "2026-06-15T19:24:44.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2016-20068 (GCVE-0-2016-20068)
Vulnerability from nvd – Published: 2026-06-15 12:02 – Updated: 2026-06-15 16:14
VLAI
Title
WordPress Booking Calendar Contact Form 1.0.23 SQL Injection
Summary
WordPress Booking Calendar Contact Form version 1.0.23 contains an unauthenticated blind SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send requests to the admin-ajax.php endpoint with the action parameter set to 'dex_bccf_calendar_ajaxevent' and supply crafted SQL commands in the 'id' parameter to extract sensitive database information.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/39423 | exploit |
| http://wordpress.dwbooster.com/ | product |
| https://www.vulncheck.com/advisories/wordpress-bo… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| dwbooster | Booking Calendar Contact Form |
Affected:
0 , ≤ 1.0.23
(semver)
|
Date Public
2016-02-08 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2016-20068",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-15T16:14:15.267754Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T16:14:52.808Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Booking Calendar Contact Form",
"vendor": "dwbooster",
"versions": [
{
"lessThanOrEqual": "1.0.23",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Joaquin Ramirez Martinez [ i0 SEC-LABORATORY ]"
}
],
"datePublic": "2016-02-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "WordPress Booking Calendar Contact Form version 1.0.23 contains an unauthenticated blind SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicious code through the \u0027id\u0027 parameter. Attackers can send requests to the admin-ajax.php endpoint with the action parameter set to \u0027dex_bccf_calendar_ajaxevent\u0027 and supply crafted SQL commands in the \u0027id\u0027 parameter to extract sensitive database information."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T12:02:21.342Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-39423",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/39423"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "http://wordpress.dwbooster.com/"
},
{
"name": "VulnCheck Advisory: WordPress Booking Calendar Contact Form 1.0.23 SQL Injection",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/wordpress-booking-calendar-contact-form-sql-injection"
}
],
"title": "WordPress Booking Calendar Contact Form 1.0.23 SQL Injection",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2016-20068",
"datePublished": "2026-06-15T12:02:21.342Z",
"dateReserved": "2026-06-14T18:27:09.580Z",
"dateUpdated": "2026-06-15T16:14:52.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2016-20068 (GCVE-0-2016-20068)
Vulnerability from cvelistv5 – Published: 2026-06-15 12:02 – Updated: 2026-06-15 16:14
VLAI
Title
WordPress Booking Calendar Contact Form 1.0.23 SQL Injection
Summary
WordPress Booking Calendar Contact Form version 1.0.23 contains an unauthenticated blind SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send requests to the admin-ajax.php endpoint with the action parameter set to 'dex_bccf_calendar_ajaxevent' and supply crafted SQL commands in the 'id' parameter to extract sensitive database information.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/39423 | exploit |
| http://wordpress.dwbooster.com/ | product |
| https://www.vulncheck.com/advisories/wordpress-bo… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| dwbooster | Booking Calendar Contact Form |
Affected:
0 , ≤ 1.0.23
(semver)
|
Date Public
2016-02-08 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2016-20068",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-15T16:14:15.267754Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T16:14:52.808Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Booking Calendar Contact Form",
"vendor": "dwbooster",
"versions": [
{
"lessThanOrEqual": "1.0.23",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Joaquin Ramirez Martinez [ i0 SEC-LABORATORY ]"
}
],
"datePublic": "2016-02-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "WordPress Booking Calendar Contact Form version 1.0.23 contains an unauthenticated blind SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicious code through the \u0027id\u0027 parameter. Attackers can send requests to the admin-ajax.php endpoint with the action parameter set to \u0027dex_bccf_calendar_ajaxevent\u0027 and supply crafted SQL commands in the \u0027id\u0027 parameter to extract sensitive database information."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T12:02:21.342Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-39423",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/39423"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "http://wordpress.dwbooster.com/"
},
{
"name": "VulnCheck Advisory: WordPress Booking Calendar Contact Form 1.0.23 SQL Injection",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/wordpress-booking-calendar-contact-form-sql-injection"
}
],
"title": "WordPress Booking Calendar Contact Form 1.0.23 SQL Injection",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2016-20068",
"datePublished": "2026-06-15T12:02:21.342Z",
"dateReserved": "2026-06-14T18:27:09.580Z",
"dateUpdated": "2026-06-15T16:14:52.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2016-20070 (GCVE-0-2016-20070)
Vulnerability from cvelistv5 – Published: 2026-06-15 12:00 – Updated: 2026-06-15 16:01
VLAI
Title
WordPress Booking Calendar Contact Form 1.0.23 Privilege Escalation Stored XSS
Summary
WordPress Booking Calendar Contact Form 1.0.23 contains privilege escalation and stored cross-site scripting vulnerabilities that allow authenticated users to modify plugin options and inject malicious scripts by failing to verify user privileges and sanitize input parameters. Attackers with subscriber-level accounts can inject XSS payloads through parameters like price, name, calendar_language, and email_confirmation_to_user via admin-ajax.php and admin.php endpoints to execute arbitrary JavaScript in administrator browsers.
Severity
6.4 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/39423 | exploit |
| http://wordpress.dwbooster.com/ | product |
| https://www.vulncheck.com/advisories/wordpress-bo… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| dwbooster | Booking Calendar Contact Form |
Affected:
0 , ≤ 1.0.23
(semver)
|
Date Public
2016-02-08 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2016-20070",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-15T16:01:21.820123Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T16:01:33.068Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Booking Calendar Contact Form",
"vendor": "dwbooster",
"versions": [
{
"lessThanOrEqual": "1.0.23",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Joaquin Ramirez Martinez [ i0 SEC-LABORATORY ]"
}
],
"datePublic": "2016-02-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "WordPress Booking Calendar Contact Form 1.0.23 contains privilege escalation and stored cross-site scripting vulnerabilities that allow authenticated users to modify plugin options and inject malicious scripts by failing to verify user privileges and sanitize input parameters. Attackers with subscriber-level accounts can inject XSS payloads through parameters like price, name, calendar_language, and email_confirmation_to_user via admin-ajax.php and admin.php endpoints to execute arbitrary JavaScript in administrator browsers."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T12:00:40.261Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-39423",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/39423"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "http://wordpress.dwbooster.com/"
},
{
"name": "VulnCheck Advisory: WordPress Booking Calendar Contact Form 1.0.23 Privilege Escalation Stored XSS",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/wordpress-booking-calendar-contact-form-privilege-escalation-stored-xss"
}
],
"title": "WordPress Booking Calendar Contact Form 1.0.23 Privilege Escalation Stored XSS",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2016-20070",
"datePublished": "2026-06-15T12:00:40.261Z",
"dateReserved": "2026-06-14T18:28:28.113Z",
"dateUpdated": "2026-06-15T16:01:33.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2016-20069 (GCVE-0-2016-20069)
Vulnerability from cvelistv5 – Published: 2026-06-15 12:00 – Updated: 2026-06-15 19:24
VLAI
Title
WordPress Booking Calendar Contact Form 1.0.23 SQL Injection
Summary
WordPress Booking Calendar Contact Form 1.0.23 contains an unauthenticated blind SQL injection vulnerability in the shortcode function that fails to sanitize the calendar parameter before using it in database queries. Attackers can inject SQL commands through the calendar shortcode parameter to execute arbitrary SQL queries and extract sensitive database information.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/39423 | exploit |
| http://wordpress.dwbooster.com/ | product |
| https://www.vulncheck.com/advisories/wordpress-bo… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| dwbooster | Booking Calendar Contact Form |
Affected:
0 , ≤ 1.0.23
(semver)
|
Date Public
2016-02-08 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2016-20069",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-15T15:34:07.153143Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T19:24:44.517Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Booking Calendar Contact Form",
"vendor": "dwbooster",
"versions": [
{
"lessThanOrEqual": "1.0.23",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Joaquin Ramirez Martinez [ i0 SEC-LABORATORY ]"
}
],
"datePublic": "2016-02-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "WordPress Booking Calendar Contact Form 1.0.23 contains an unauthenticated blind SQL injection vulnerability in the shortcode function that fails to sanitize the calendar parameter before using it in database queries. Attackers can inject SQL commands through the calendar shortcode parameter to execute arbitrary SQL queries and extract sensitive database information."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T12:00:39.584Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-39423",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/39423"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "http://wordpress.dwbooster.com/"
},
{
"name": "VulnCheck Advisory: WordPress Booking Calendar Contact Form 1.0.23 SQL Injection",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/wordpress-booking-calendar-contact-form-sql-injection-2"
}
],
"title": "WordPress Booking Calendar Contact Form 1.0.23 SQL Injection",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2016-20069",
"datePublished": "2026-06-15T12:00:39.584Z",
"dateReserved": "2026-06-14T18:27:45.187Z",
"dateUpdated": "2026-06-15T19:24:44.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}