72 matches found
CVE-2026-57746
Subscriber Broken Access Control in Booked = 3.0.0 versions...
CVE-2026-57747
Unauthenticated Cross Site Request Forgery CSRF in Booked = 3.0.0 versions...
CVE-2026-57747 WordPress Booked plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerability
Unauthenticated Cross Site Request Forgery CSRF in Booked = 3.0.0 versions...
CVE-2026-57746 WordPress Booked plugin <= 3.0.0 - Broken Access Control vulnerability
Subscriber Broken Access Control in Booked = 3.0.0 versions...
CVE-2026-57746
CVE-2026-57746 concerns the WordPress Booked plugin (versions up to and including 3.0.0) where a Broken Access Control vulnerability is described. The Initial document notes only the affected software and version range, with the impact stated as access control issues; no root cause, affected file...
CVE-2026-57747
CVE-2026-57747 is an unauthenticated CSRF vulnerability in the WordPress Booked plugin
EUVD-2026-41303
Unauthenticated Cross Site Request Forgery CSRF in Booked = 3.0.0 versions...
EUVD-2026-41302
Subscriber Broken Access Control in Booked = 3.0.0 versions...
WordPress Booked plugin <= 3.0.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Phat RiO in WordPress Plugin Booked versions = 3.0.0...
CVE-2026-22341
Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked booked allows Authentication Abuse.This issue affects Booked: from n/a through = 3.0.0...
CVE-2026-22341
Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked booked allows Authentication Abuse.This issue affects Booked: from n/a through = 3.0.0...
CVE-2026-22341 WordPress Booked plugin <= 3.0.0 - Account Takeover vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked booked allows Authentication Abuse.This issue affects Booked: from n/a through = 3.0.0...
CVE-2026-22341
Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked booked allows Authentication Abuse.This issue affects Booked: from n/a through = 3.0.0...
CVE-2026-22341
CVE-2026-22341 is a WordPress plugin vulnerability in Case-Themes Booked (Booked) versions up to 3.0.0, described as an authentication bypass via an alternate path/channel that enables account takeover. Public sources (Wordfence/PT-2026-21194, Patchstack) indicate the issue affects Booked 3.0.0 ...
CVE-2026-22341 WordPress Booked plugin <= 3.0.0 - Account Takeover vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked booked allows Authentication Abuse.This issue affects Booked: from n/a through = 3.0.0...
WordPress plugin Booked 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-21194
Name of the Vulnerable Software and Affected Versions Case-Themes Booked versions through 3.0.0 Description An authentication bypass issue exists in Case-Themes Booked. This allows for authentication abuse by utilizing an alternate path or channel. Recommendations Update Case-Themes Booked to a...
CVE-2020-37077
Booked Scheduler 2.7.7 contains a directory traversal vulnerability in the manageemailtemplates.php script that allows authenticated administrators to access unauthorized files. Attackers can exploit the vulnerable 'tn' parameter to read files outside the intended directory by manipulating...
CVE-2020-37077
Booked Scheduler 2.7.7 is affected by a directory traversal vulnerability in the manage_email_templates.php script. Authenticated administrators can use the vulnerable tn parameter to read files outside the intended directory. The underlying cause is improper directory traversal handling. Reporte...
CVE-2020-37077
Booked Scheduler 2.7.7 contains a directory traversal vulnerability in the manageemailtemplates.php script that allows authenticated administrators to access unauthorized files. Attackers can exploit the vulnerable 'tn' parameter to read files outside the intended directory by manipulating...