Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistWPScanCVELIST:CVE-2022-3982
HistoryDec 12, 2022 - 5:54 p.m.

CVE-2022-3982 Booking Calendar < 3.2.2 - Unauthenticated Arbitrary File Upload

2022-12-1217:54:47
WPScan
www.cve.org
booking calendar
unauthenticated upload
rce
cve-2022-3982
wordpress plugin

9.9 High

AI Score

Confidence

High

0.289 Low

EPSS

Percentile

96.9%

JSON

The Booking calendar, Appointment Booking System WordPress plugin before 3.2.2 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE

CNA Affected

[
  {
    "vendor": "Unknown",
    "product": "Booking calendar, Appointment Booking System",
    "collectionURL": "https://wordpress.org/plugins",
    "versions": [
      {
        "status": "affected",
        "versionType": "custom",
        "version": "0",
        "lessThan": "3.2.2"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Related

prion 1
wpvulndb 1
cve 1
nuclei 1
openvas 1
nvd 1
wpexploit 1
prion
prion
Default credentials
2022-12-12 18:15:00
wpvulndb
wpvulndb
Booking Calendar < 3.2.2 - Unauthenticated Arbitrary File Upload
2022-11-21 00:00:00
cve
cve
CVE-2022-3982
2022-12-12 18:15:12
nuclei
nuclei
WordPress Booking Calendar <3.2.2 - Arbitrary File Upload
2023-03-31 11:28:24
openvas
openvas
WordPress Booking calendar, Appointment Booking System Plugin < 3.2.2 File Upload Vulnerability
2024-01-05 00:00:00
nvd
nvd
CVE-2022-3982
2022-12-12 18:15:12
wpexploit
wpexploit
Booking Calendar < 3.2.2 - Unauthenticated Arbitrary File Upload
2022-11-21 00:00:00

9.9 High

AI Score

Confidence

High

0.289 Low

EPSS

Percentile

96.9%

JSON
Related for CVELIST:CVE-2022-3982
prion1wpvulndb1cve1nuclei1openvas1nvd1wpexploit1