Testa din hemsida →

Latepoint

Det finns 12 kända sårbarheter i Latepoint.

12
Kända sårbarheter
7
Kritiska/höga
2026-02-14
Senaste sårbarhet
Använder du Latepoint?

Kör ett gratis test och se om din hemsida är påverkad.

Testa din hemsida

Kända sårbarheter

Medel 2026-02-14

CVE-2025-14873: The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.2.5. This is due to th...

Påverkade versioner: all

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.2.5. This is due to the 'ca...

Medel 2026-02-12

CVE-2026-1537: The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the load_step() function...

Påverkade versioner: all

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the load_step() function in a...

Hög 2026-02-03

CVE-2026-0617: The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the customer profile fields in all versions up to, and in...

Påverkade versioner: all

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the customer profile fields in all versions up to, and includi...

Hög 2025-09-30

CVE-2025-7038: The LatePoint plugin for WordPress is vulnerable to Authentication Bypass due to insufficient identity verification within the steps__load_step route of the latepoint_route_call AJAX endpoint in al...

Påverkade versioner: all

The LatePoint plugin for WordPress is vulnerable to Authentication Bypass due to insufficient identity verification within the steps__load_step route of the latepoint_route_call AJAX endpoint in all v...

Hög 2025-09-30

CVE-2025-7052: The LatePoint plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.1.94. This is due to missing nonce validation on the change_password() functio...

Påverkade versioner: all

The LatePoint plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.1.94. This is due to missing nonce validation on the change_password() function o...

Medel 2025-09-30

CVE-2025-6815: The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘service[name]’ parameter in all versions up to, ...

Påverkade versioner: all

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘service[name]’ parameter in all versions up to, and inclu...

Medel 2025-09-30

CVE-2025-6941: The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the 'latepoint_resources' shortcode...

Påverkade versioner: all

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the 'latepoint_resources' shortcode in a...

Kritisk 2025-08-13

CVE-2025-6715: The LatePoint WordPress plugin before 5.1.94 is vulnerable to Local File Inclusion via the layout parameter. This makes it possible for attackers to include and execute PHP files on the server, al...

Påverkade versioner: all

The LatePoint WordPress plugin before 5.1.94 is vulnerable to Local File Inclusion via the layout parameter. This makes it possible for attackers to include and execute PHP files on the server, allow...

Medel 2025-05-14

CVE-2025-3769: The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.92 via the 'vi...

Påverkade versioner: all

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.92 via the 'view_bo...

Kritisk 2024-10-08

CVE-2024-8911: The LatePoint plugin for WordPress is vulnerable to Arbitrary User Password Change via SQL Injection in versions up to, and including, 5.0.11. This is due to insufficient escaping on the user suppl...

Påverkade versioner: < 5.0.12

The LatePoint plugin for WordPress is vulnerable to Arbitrary User Password Change via SQL Injection in versions up to, and including, 5.0.11. This is due to insufficient escaping on the user supplied...

Kritisk 2024-10-08

CVE-2024-8943: The LatePoint plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.0.12. This is due to insufficient verification on the user being supplied during the b...

Påverkade versioner: < 5.0.13

The LatePoint plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.0.12. This is due to insufficient verification on the user being supplied during the book...

Kritisk 2024-06-14

CVE-2024-2472: The LatePoint Plugin plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the 'start_or_use_session_for_customer' function...

Påverkade versioner: < 4.9.91

The LatePoint Plugin plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the 'start_or_use_session_for_customer' function in...

Vår rekommendation

Håll tillägget uppdaterat. De flesta sårbarheter åtgärdas snabbt av utvecklarna.

Ta bort tillägg du inte använder. Varje tillägg är en potentiell attackyta.

Testa din hemsida regelbundet. Automatisk bevakning fångar problem tidigt.

Andra tillägg med kända sårbarheter

Newsletter 50 sårb. Elementor 50 sårb. Classified 49 sårb. Gutenberg 49 sårb. Royal elementor addons 49 sårb. Ninja forms 48 sårb.