Lucene search
K

72 matches found

NVD
NVD
added yesterday6 views

CVE-2026-57746

Subscriber Broken Access Control in Booked = 3.0.0 versions...

7.1CVSS
Exploits0References1
NVD
NVD
added yesterday5 views

CVE-2026-57747

Unauthenticated Cross Site Request Forgery CSRF in Booked = 3.0.0 versions...

6.5CVSS
Exploits0References1
Cvelist
Cvelist
added yesterday33 views

CVE-2026-57747 WordPress Booked plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerability

Unauthenticated Cross Site Request Forgery CSRF in Booked = 3.0.0 versions...

6.5CVSS
Exploits0References1
Cvelist
Cvelist
added yesterday33 views

CVE-2026-57746 WordPress Booked plugin <= 3.0.0 - Broken Access Control vulnerability

Subscriber Broken Access Control in Booked = 3.0.0 versions...

7.1CVSS
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-57746

CVE-2026-57746 concerns the WordPress Booked plugin (versions up to and including 3.0.0) where a Broken Access Control vulnerability is described. The Initial document notes only the affected software and version range, with the impact stated as access control issues; no root cause, affected file...

7.1CVSS5.8AI score
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-57747

CVE-2026-57747 is an unauthenticated CSRF vulnerability in the WordPress Booked plugin

6.5CVSS5.8AI score
Exploits0References1
EUVD
EUVD
added yesterday4 views

EUVD-2026-41303

Unauthenticated Cross Site Request Forgery CSRF in Booked = 3.0.0 versions...

6.5CVSS5.8AI score
Exploits0References1
EUVD
EUVD
added yesterday4 views

EUVD-2026-41302

Subscriber Broken Access Control in Booked = 3.0.0 versions...

7.1CVSS5.8AI score
Exploits0References1
Patchstack
Patchstack
added yesterday5 views

WordPress Booked plugin <= 3.0.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO in WordPress Plugin Booked versions = 3.0.0...

7.1CVSS5.8AI score
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/21 7:29 p.m.6 views

CVE-2026-22341

Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked booked allows Authentication Abuse.This issue affects Booked: from n/a through = 3.0.0...

6.7CVSS5.5AI score0.00354EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 4:22 p.m.19 views

CVE-2026-22341

Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked booked allows Authentication Abuse.This issue affects Booked: from n/a through = 3.0.0...

6.7CVSS0.00354EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/20 3:46 p.m.26 views

CVE-2026-22341 WordPress Booked plugin <= 3.0.0 - Account Takeover vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked booked allows Authentication Abuse.This issue affects Booked: from n/a through = 3.0.0...

6.7CVSS0.00354EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/20 3:46 p.m.7 views

CVE-2026-22341

Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked booked allows Authentication Abuse.This issue affects Booked: from n/a through = 3.0.0...

5.4AI score0.00354EPSS
Exploits0References2
CVE
CVE
added 2026/02/20 3:46 p.m.17 views

CVE-2026-22341

CVE-2026-22341 is a WordPress plugin vulnerability in Case-Themes Booked (Booked) versions up to 3.0.0, described as an authentication bypass via an alternate path/channel that enables account takeover. Public sources (Wordfence/PT-2026-21194, Patchstack) indicate the issue affects Booked 3.0.0 ...

6.7CVSS5.5AI score0.00354EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/20 3:46 p.m.3 views

CVE-2026-22341 WordPress Booked plugin <= 3.0.0 - Account Takeover vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked booked allows Authentication Abuse.This issue affects Booked: from n/a through = 3.0.0...

6.7CVSS5.4AI score0.00354EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.83 views

WordPress plugin Booked 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.7CVSS5.8AI score0.00354EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.6 views

PT-2026-21194

Name of the Vulnerable Software and Affected Versions Case-Themes Booked versions through 3.0.0 Description An authentication bypass issue exists in Case-Themes Booked. This allows for authentication abuse by utilizing an alternate path or channel. Recommendations Update Case-Themes Booked to a...

5.4AI score0.00354EPSS
Exploits0References3
NVD
NVD
added 2026/02/03 10:16 p.m.5 views

CVE-2020-37077

Booked Scheduler 2.7.7 contains a directory traversal vulnerability in the manageemailtemplates.php script that allows authenticated administrators to access unauthorized files. Attackers can exploit the vulnerable 'tn' parameter to read files outside the intended directory by manipulating...

6.9CVSS0.00602EPSS
Exploits0References4
CVE
CVE
added 2026/02/03 10:1 p.m.8 views

CVE-2020-37077

Booked Scheduler 2.7.7 is affected by a directory traversal vulnerability in the manage_email_templates.php script. Authenticated administrators can use the vulnerable tn parameter to read files outside the intended directory. The underlying cause is improper directory traversal handling. Reporte...

6.9CVSS5.4AI score0.00602EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/02/03 10:1 p.m.4 views

CVE-2020-37077

Booked Scheduler 2.7.7 contains a directory traversal vulnerability in the manageemailtemplates.php script that allows authenticated administrators to access unauthorized files. Attackers can exploit the vulnerable 'tn' parameter to read files outside the intended directory by manipulating...

6.9CVSS5.4AI score0.00602EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder