38 matches found
EUVD-2024-16869
Malicious code in bioql PyPI...
CVE-2024-11275
The WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the /wp-json/timetics/v1/customers/ REST API endpoint in all versions up to, and including, 1.0.27. This makes...
WordPress Timetics plugin <= 1.0.29 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Timetics versions <= 1.0.29...
CVE-2025-30828 WordPress Timetics plugin <= 1.0.29 - Broken Access Control vulnerability
Missing Authorization vulnerability in Arraytics Timetics timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through <= 1.0.29...
CVE-2024-1094
The Timetics- AI-powered Appointment Booking with Visual Seat Plan and ultimate Calendar Scheduling plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the makestaff function in all versions up to, and including, 1.0.21. This makes it...
PT-2024-16875 · WordPress · Wp Timetics
Name of the Vulnerable Software and Affected Versions: WP Timetics - AI-powered Appointment Booking Calendar and Online Scheduling Plugin versions up to, and including, 1.0.27 Description: The issue concerns a missing capability check on the "/wp-json/timetics/v1/customers/" REST API endpoint. Th...
WordPress Timetics plugin <= 1.0.27 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Deletion vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary User Deletion vulnerability discovered by Thanh Nam Tran in WordPress Plugin Timetics versions <= 1.0.27...
CVE-2024-37427 WordPress Timetics plugin <= 1.0.21 - Broken Access Control vulnerability
Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.21...
CVE-2024-43923 WordPress Timetics plugin <= 1.0.23 - Broken Access Control vulnerability
Missing Authorization vulnerability in Arraytics Timetics allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Timetics: from n/a through 1.0.23...
WordPress plugin Timetics security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
PT-2024-39522 · WordPress · Wp Timetics- Ai-Powered Appointment Booking Calendar/Online Scheduling Plugin
Name of the Vulnerable Software and Affected Versions: WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin plugin for WordPress versions up to, and including, 1.0.25 Description: The issue allows for Account Takeover and Privilege Escalation via Insecure Direct Objec...
WordPress Timetics plugin <= 1.0.23 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Manab Jyoti Dowarah Patchstack Alliance in WordPress Plugin Timetics versions <= 1.0.23...
WordPress Timetics Plugin <= 1.0.23 is vulnerable to Sensitive Data Exposure
Software: Timetics; Type: Plugin; Vulnerable versions: <= 1.0.23; Fixed in: 1.0.24; OWASP Top 10: A1: Broken Access Control; Classification: Sensitive Data Exposure; CVE: CVE-2024-43923; Patch priority: Low; CVSS severity: Low 5.3; PSID: 0ab309ff3351; Credits: Manab Jyoti Dowarah; Required...
WordPress Timetics plugin <= 1.0.21 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Manab Jyoti Dowarah Patchstack Alliance in WordPress Plugin Timetics versions <= 1.0.21...
WordPress Timetics Plugin <= 1.0.21 is vulnerable to Broken Access Control
Software: Timetics; Type: Plugin; Vulnerable versions: <= 1.0.21; Fixed in: 1.0.22; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-37427; Patch priority: Low; CVSS severity: Low 5.3; PSID: d73e6a480d4b; Credits: Manab Jyoti Dowarah; Required...
WordPress Timetics plugin <= 1.0.21 - Missing Authorization to Limited Privilege Escalation vulnerability
Missing Authorization to Limited Privilege Escalation vulnerability discovered by Francesco Carlucci in WordPress Plugin Timetics versions <= 1.0.21...