Vulnerabilities in Latepoint

28 results

CVE-2025-6815MEDIUMLatePoint <= 5.1.94 - Authenticated (Administrator+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-6941MEDIUMLatePoint <= 5.1.94 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.2%CVE-2025-7052HIGHLatePoint <= 5.1.94 - Cross-Site Request Forgery to Account Takeover via change_password() FunctionEPSS 0.2%CVE-2026-32533MEDIUMWordPress LatePoint plugin <= 5.2.6 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.2%CVE-2025-14873MEDIUMLatePoint – Calendar Booking Plugin for Appointments and Events <= 5.2.5 - Cross-Site Request ForgeryEPSS 0.1%CVE-2026-9719MEDIUMLatePoint <= 5.6.0 - Cross-Site Request Forgery via invoices__change_status ActionEPSS 0.1%CVE-2026-5365MEDIUMLatePoint <= 5.3.2 - Cross-Site Request Forgery via 'customer_cabinet__request_cancellation' AJAX RouteEPSS 0.1%CVE-2026-2324MEDIUMLatePoint – Calendar Booking Plugin for Appointments and Events <= 5.2.7 - Cross-Site Request Forgery in Booking Form Settings Update to Stored Cross-Site ScriptingEPSS 0.1%

← previouspage 2 / 2next →