Plugin Vulnerabilities Added This Week That Are In The Current Version of the Plugins

• Reflected cross-site scripting (XSS) vulnerability in IMPress Listings, discovered by Kris

Additional Plugin Vulnerabilities Added This Week

• SQL injection in Appointment Booking Calendar, discovered by Joaquin Ramirez Martinez
• Authenticated SQL injection in Appointment Booking Calendar, discovered by Joaquin Ramirez Martinez
• Cross-site request forgery (CSRF)/cross-site scripting (XSS) in Appointment Booking Calendar, discovered by Joaquin Ramirez Martinez
• Authenticated SQL injection in Formidable Forms, discovered by Kacper Szurek
• Reflected cross-site scripting (XSS) in WP Ultimate CSV Importer, discovered by Rahul Pratap Singh