Lucene search

CVE-2024-6467

🗓️ 17 Jul 2024 07:03:15Reported by [email protected]Type

The BookingPress plugin for WordPress is vulnerable to arbitrary file read and creation, allowing authenticated attackers to execute PHP code or expose sensitive information

Reporter	Title	Published	Views	Family All 7
Cvelist	CVE-2024-6467 BookingPress Appointment Booking <= 1.1.5 - Authenticated (Subscriber+) Arbitrary File Read to Arbitrary File Creation	17 Jul 202406:45	–	cvelist
Patchstack	WordPress BookingPress Plugin <= 1.1.5 is vulnerable to Arbitrary File Upload	17 Jul 202400:00	–	patchstack
CVE	CVE-2024-6467	17 Jul 202407:15	–	cve
Vulnrichment	CVE-2024-6467 BookingPress Appointment Booking <= 1.1.5 - Authenticated (Subscriber+) Arbitrary File Read to Arbitrary File Creation	17 Jul 202406:45	–	vulnrichment
Wordfence Blog	10,000 WordPress Sites Affected by High Severity Vulnerabilities in BookingPress WordPress Plugin	22 Jul 202417:06	–	wordfence
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (July 15, 2024 to July 21, 2024)	25 Jul 202414:49	–	wordfence
The Hacker News	GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk	21 Aug 202404:35	–	thn

Nvd

Node

reputeinfosystems bookingpressRange<1.1.6wordpress

Source	Link
plugins	www.plugins.trac.wordpress.org/changeset/3116857/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress.php
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/d0177510-cd7d-4cc5-96c3-78433aa0e3f6

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

17 Jul 2024 07:15Current

CVSS38.8

EPSS0.00043