Lucene search
+L

182 matches found

Patchstack
Patchstack
added 2023/12/27 12:0 a.m.13 views

WordPress BookingPress Plugin <= 1.0.74 is vulnerable to Other Vulnerability Type

Software BookingPress Type Plugin Vulnerable versions = 1.0.74 Fixed in 1.0.75 OWASP Top 10 A4: Insecure Design Classification Other Vulnerability Type CVE CVE-2023-51405 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID 5ed1a6f81388 Credits Abdi Pranata Required privilege...

9.8CVSS6.6AI score0.00655EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/12/21 12:0 a.m.20 views

WordPress BookingPress Plugin <= 1.0.72 is vulnerable to SQL Injection

Software BookingPress Type Plugin Vulnerable versions = 1.0.72 Fixed in 1.0.73 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-50841 Patch priority Medium CVSS severity Medium 8.5 Developer Claim ownership PSID f0bdac9d74d8 Credits Ngô Thiên An ancorn from VNPT-VCI Required...

8.8CVSS6.8AI score0.00537EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/11/30 4:15 p.m.5 views

CVE-2023-36507

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.6...

5.3CVSS7.3AI score0.0051EPSS
Exploits0References1
NVD
NVD
added 2023/11/30 4:15 p.m.24 views

CVE-2023-36507

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.6...

5.3CVSS0.0051EPSS
Exploits0References1
Prion
Prion
added 2023/11/30 4:15 p.m.29 views

Code injection

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.6...

5CVSS7AI score0.0051EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/11/30 3:26 p.m.40 views

CVE-2023-36507

Summary (CVE-2023-36507) : Affected software is the BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin for WordPress. The issue is an unauthenticated information disclosure in BookingPress versions up to and including 1.0.64, caused by exposure of sensitive server inf...

5.3CVSS6.7AI score0.0051EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/11/30 12:0 a.m.5 views

WordPress Plugin BookingPress Information Disclosure Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

5.3CVSS6.2AI score0.0051EPSS
Exploits0References1
NVD
NVD
added 2023/11/28 3:15 a.m.24 views

CVE-2023-6219

The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'bookingpressprocessupload' function in versions up to, and including, 1.0.76. This makes it possible for authenticated attackers with administrator-level capabilities or above...

7.2CVSS0.01231EPSS
Exploits0References4
OSV
OSV
added 2023/11/28 3:15 a.m.2 views

CVE-2023-6219

The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'bookingpressprocessupload' function in versions up to, and including, 1.0.76. This makes it possible for authenticated attackers with administrator-level capabilities or above...

7.2CVSS6.4AI score0.01231EPSS
Exploits0References4
Prion
Prion
added 2023/11/28 3:15 a.m.20 views

Input validation

The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'bookingpressprocessupload' function in versions up to, and including, 1.0.76. This makes it possible for authenticated attackers with administrator-level capabilities or above...

5.8CVSS7.9AI score0.01231EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/11/28 2:37 a.m.13 views

CVE-2023-6219 BookingPress <= 1.0.76 - Authenticated (Administrator+) Arbitrary File Upload

The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'bookingpressprocessupload' function in versions up to, and including, 1.0.76. This makes it possible for authenticated attackers with administrator-level capabilities or above...

7.2CVSS7.8AI score0.01231EPSS
Exploits0References4
CVE
CVE
added 2023/11/28 2:37 a.m.90 views

CVE-2023-6219

CVE-2023-6219 affects the BookingPress – Appointment Booking Calendar Plugin for WordPress. It allows authenticated administrators (or higher) to upload arbitrary files via the bookingpress_process_upload function due to insufficient input validation, up to and including version 1.0.76, with pote...

7.2CVSS7.4AI score0.01231EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2023/11/28 2:37 a.m.27 views

CVE-2023-6219 BookingPress <= 1.0.76 - Authenticated (Administrator+) Arbitrary File Upload

The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'bookingpressprocessupload' function in versions up to, and including, 1.0.76. This makes it possible for authenticated attackers with administrator-level capabilities or above...

7.2CVSS7.5AI score0.01231EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/11/28 12:0 a.m.6 views

WordPress Plugin JBookingPress Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin JBookingPress 1.0....

7.2CVSS7AI score0.01231EPSS
Exploits0References4
Patchstack
Patchstack
added 2023/11/28 12:0 a.m.19 views

WordPress BookingPress Plugin <= 1.0.76 is vulnerable to Arbitrary File Upload

Software BookingPress Type Plugin Vulnerable versions = 1.0.76 Fixed in 1.0.77 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-6219 Patch priority Low CVSS severity Low 6.6 Developer Claim ownership PSID d9226b37951c Credits István Márton Required privilege...

7.2CVSS7.2AI score0.01231EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/11/28 12:0 a.m.8 views

PT-2023-32568 · WordPress · Bookingpress

Name of the Vulnerable Software and Affected Versions: BookingPress plugin for WordPress versions up to, and including, 1.0.76 Description: The issue is related to insufficient file validation on the bookingpress process upload function, allowing authenticated attackers with administrator-level...

7.2CVSS7.7AI score0.01231EPSS
Exploits0References7
Patchstack
Patchstack
added 2023/07/13 12:0 a.m.16 views

WordPress BookingPress Plugin <= 1.0.64 is vulnerable to Sensitive Data Exposure

Software BookingPress Type Plugin Vulnerable versions = 1.0.64 Fixed in 1.0.65 OWASP Top 10 A5: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2023-36507 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID e634d3e6d42f Credits Paul Goodchild Required...

5.3CVSS6.6AI score0.0051EPSS
Exploits0References2Affected Software1
GithubExploit
GithubExploit
added 2023/03/19 11:35 a.m.172 views

Exploit for SQL Injection in Reputeinfosystems Bookingpress

Bash exploit for CVE-2022-0739 Unauthenticated SQL Injection...

9.8CVSS9.9AI score0.37171EPSS
Exploits11
GithubExploit
GithubExploit
added 2023/03/19 11:35 a.m.363 views

Exploit for SQL Injection in Reputeinfosystems Bookingpress

Bash exploit for CVE-2022-0739 Unauthenticated SQL Injection...

9.8CVSS9.9AI score0.37171EPSS
Exploits11
GithubExploit
GithubExploit
added 2023/02/18 3:23 p.m.412 views

Exploit for SQL Injection in Reputeinfosystems Bookingpress

CVE-2022-0739 BookingPress 1.0.11 - Unauthenticated SQL Inj...

9.8CVSS9.6AI score0.37171EPSS
Exploits11
Rows per page
Query Builder