Product
iqonic kivicare
10 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-1572
CVE-2024-11730
CVE-2024-11729
CVE-2024-11728
CVE-2024-35659
CVE-2023-2628
CVE-2023-2627
CVE-2023-2624
CVE-2023-2623
CVE-2022-0786
< 3.6.8
The KiviCare - Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL Injection via the ‘u_id’ par
< 3.6.5
The KiviCare - Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL Injection via the 'sort[]' param
<= 3.6.5
The KiviCare - Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL Injection via the 'service_list[
<= 3.6.5
The KiviCare - Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL Injection via the 'visit_type[se
<= 3.6.4
Missing Authorization vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Exploiting Incorrectly Conf
< 3.2.1
The KiviCare WordPress plugin before 3.2.1 does not have CSRF checks (either flawed or missing completely) in various AJAX actions
< 3.2.1
The KiviCare WordPress plugin before 3.2.1 does not have proper CSRF and authorisation checks in various AJAX actions, allowing an
< 3.2.1
The KiviCare WordPress plugin before 3.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading
< 3.2.1
The KiviCare WordPress plugin before 3.2.1 does not restrict the information returned in a response and returns all user data, all
< 2.3.9
The KiviCare WordPress plugin before 2.3.9 does not sanitise and escape some parameters before using them in SQL statements via th