Lucene search
PatchstackCVELIST:CVE-2024-34799HistoryJun 11, 2024 - 4:35 p.m.
CVE-2024-34799 WordPress BookingPress plugin <= 1.0.82 - Appointment Duration Manipulation vulnerability
2024-06-1116:35:34
CWE-862
Patchstack
www.cve.org
2
cve-2024-34799
wordpress
bookingpress
appointment
duration
manipulation
missing
authorization
repute infosystems
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
0.0004 Low
EPSS
Percentile
9.1%
Missing Authorization vulnerability in Repute Infosystems BookingPress.This issue affects BookingPress: from n/a through 1.0.82.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "bookingpress-appointment-booking",
"product": "BookingPress",
"vendor": "Repute Infosystems",
"versions": [
{
"changes": [
{
"at": "1.0.83",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.0.82",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2024-34799
2024-06-11 17:16:01
vulnrichment
vulnrichment
nvd
nvd
CVE-2024-34799
2024-06-11 17:16:01
wpvulndb
wpvulndb
BookingPress < 1.0.83 - Missing Authorization to Appointment Time Alteration
2024-05-29 00:00:00
wordfence
wordfence
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
0.0004 Low
EPSS
Percentile
9.1%
Related for CVELIST:CVE-2024-34799