CVE-2026-1856 | Creavi Appointment Booking Calendar Plugin up to 1.4.4 on WordPress cross site scripting

Inserito da Angelo Barbosa | Giu 19, 2026 | CVE

A vulnerability was found in Creavi Appointment Booking Calendar Plugin up to 1.4.4 on WordPress and classified as problematic. The affected element is an unknown function. Executing a manipulation can lead to cross site scripting.

The identification of this vulnerability is CVE-2026-1856. The attack may be launched remotely. There is no exploit available.

It is suggested to upgrade the affected component.

CVE-2026-1856 | Creavi Appointment Booking Calendar Plugin up to 1.4.4 on WordPress cross site scripting

Post correlati

CVE-2026-33083 | DataEase up to 2.10.20 enumValueDs Order2SQLObj sql injection (GHSA-f443-95cf-m837)

CVE-2025-10327 | MiczFlor RPi-Jukebox-RFID up to 2.8.0 shuffle.php playlist os command injection

CVE-2025-5957 | Guest Support Plugin up to 1.2.2 on WordPress deleteMassTickets authorization

CVE-2024-3780 | Technicolor CGA2121 1.0.1 information disclosure