182 matches found
WordPress BookingPress Plugin <= 1.0.74 is vulnerable to Other Vulnerability Type
Software BookingPress Type Plugin Vulnerable versions = 1.0.74 Fixed in 1.0.75 OWASP Top 10 A4: Insecure Design Classification Other Vulnerability Type CVE CVE-2023-51405 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID 5ed1a6f81388 Credits Abdi Pranata Required privilege...
WordPress BookingPress Plugin <= 1.0.72 is vulnerable to SQL Injection
Software BookingPress Type Plugin Vulnerable versions = 1.0.72 Fixed in 1.0.73 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-50841 Patch priority Medium CVSS severity Medium 8.5 Developer Claim ownership PSID f0bdac9d74d8 Credits Ngô Thiên An ancorn from VNPT-VCI Required...
CVE-2023-36507
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.6...
CVE-2023-36507
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.6...
Code injection
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.6...
CVE-2023-36507
Summary (CVE-2023-36507) : Affected software is the BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin for WordPress. The issue is an unauthenticated information disclosure in BookingPress versions up to and including 1.0.64, caused by exposure of sensitive server inf...
WordPress Plugin BookingPress Information Disclosure Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...
CVE-2023-6219
The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'bookingpressprocessupload' function in versions up to, and including, 1.0.76. This makes it possible for authenticated attackers with administrator-level capabilities or above...
CVE-2023-6219
The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'bookingpressprocessupload' function in versions up to, and including, 1.0.76. This makes it possible for authenticated attackers with administrator-level capabilities or above...
Input validation
The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'bookingpressprocessupload' function in versions up to, and including, 1.0.76. This makes it possible for authenticated attackers with administrator-level capabilities or above...
CVE-2023-6219 BookingPress <= 1.0.76 - Authenticated (Administrator+) Arbitrary File Upload
The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'bookingpressprocessupload' function in versions up to, and including, 1.0.76. This makes it possible for authenticated attackers with administrator-level capabilities or above...
CVE-2023-6219
CVE-2023-6219 affects the BookingPress – Appointment Booking Calendar Plugin for WordPress. It allows authenticated administrators (or higher) to upload arbitrary files via the bookingpress_process_upload function due to insufficient input validation, up to and including version 1.0.76, with pote...
CVE-2023-6219 BookingPress <= 1.0.76 - Authenticated (Administrator+) Arbitrary File Upload
The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'bookingpressprocessupload' function in versions up to, and including, 1.0.76. This makes it possible for authenticated attackers with administrator-level capabilities or above...
WordPress Plugin JBookingPress Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin JBookingPress 1.0....
WordPress BookingPress Plugin <= 1.0.76 is vulnerable to Arbitrary File Upload
Software BookingPress Type Plugin Vulnerable versions = 1.0.76 Fixed in 1.0.77 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-6219 Patch priority Low CVSS severity Low 6.6 Developer Claim ownership PSID d9226b37951c Credits István Márton Required privilege...
PT-2023-32568 · WordPress · Bookingpress
Name of the Vulnerable Software and Affected Versions: BookingPress plugin for WordPress versions up to, and including, 1.0.76 Description: The issue is related to insufficient file validation on the bookingpress process upload function, allowing authenticated attackers with administrator-level...
WordPress BookingPress Plugin <= 1.0.64 is vulnerable to Sensitive Data Exposure
Software BookingPress Type Plugin Vulnerable versions = 1.0.64 Fixed in 1.0.65 OWASP Top 10 A5: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2023-36507 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID e634d3e6d42f Credits Paul Goodchild Required...
Exploit for SQL Injection in Reputeinfosystems Bookingpress
Bash exploit for CVE-2022-0739 Unauthenticated SQL Injection...
Exploit for SQL Injection in Reputeinfosystems Bookingpress
Bash exploit for CVE-2022-0739 Unauthenticated SQL Injection...
Exploit for SQL Injection in Reputeinfosystems Bookingpress
CVE-2022-0739 BookingPress 1.0.11 - Unauthenticated SQL Inj...