4 matches found
CVE-2023-50852
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in StylemixThemes Booking Calendar | Appointment Booking | BookIt.This issue affects Booking Calendar | Appointment Booking | BookIt: from n/a through 2.4.3...
CVE-2023-50852
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in StylemixThemes Booking Calendar | Appointment Booking | BookIt.This issue affects Booking Calendar | Appointment Booking | BookIt: from n/a through 2.4.3...
CVE-2023-50852
CVE-2023-50852 is an authenticated (Administrator+) SQL Injection in Booking Calendar / BookIt WordPress plugin affecting versions up to 2.4.3. The root cause is improper neutralization of SQL elements. A patch exists in 2.4.3; upgrade to a patched version to remediate.
WordPress BookIt Plugin <= 2.4.3 is vulnerable to SQL Injection
Software BookIt Type Plugin Vulnerable versions = 2.4.3 Fixed in 2.4.4 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-50852 Patch priority Low CVSS severity Low 7.6 Developer Liquid Web / StellarWP PSID 93198e5bb403 Credits Muhammad Daffa Required privilege Administrator...