CVE-2024-11275

The WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the /wp-json/timetics/v1/customers/ REST API endpoint in all versions up to, and including, 1.0.27. This makes...

CVE-2024-11275 WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin <= 1.0.27 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Deletion

The WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the /wp-json/timetics/v1/customers/ REST API endpoint in all versions up to, and including, 1.0.27. This makes...

PT-2024-16875 · WordPress · Wp Timetics

Name of the Vulnerable Software and Affected Versions: WP Timetics - AI-powered Appointment Booking Calendar and Online Scheduling Plugin versions up to, and including, 1.0.27 Description: The issue concerns a missing capability check on the "/wp-json/timetics/v1/customers/" REST API endpoint. Th...

WordPress plugin WP Timetics 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress Timetics plugin <= 1.0.27 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Deletion vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary User Deletion vulnerability discovered by Thanh Nam Tran in WordPress Plugin Timetics versions = 1.0.27...

CVE-2024-43923

Missing Authorization vulnerability in Arraytics Timetics allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Timetics: from n/a through 1.0.23...

CVE-2024-43923

Missing Authorization vulnerability in Arraytics Timetics allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Timetics: from n/a through 1.0.23...

CVE-2024-37427

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Timetics: from n/a through 1.0.21...

CVE-2024-37427 WordPress Timetics plugin <= 1.0.21 - Broken Access Control vulnerability

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Timetics: from n/a through 1.0.21...

CVE-2024-37427 WordPress Timetics plugin <= 1.0.21 - Broken Access Control vulnerability

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Timetics: from n/a through 1.0.21...

CVE-2024-37427

The CVE-2024-37427 case concerns the WordPress Timetics plugin. Affected versions are Timetics 1.0.0 through 1.0.21, with a Missing Authorization / Broken Access Control vulnerability arising from incorrectly configured access control. The issue permits unauthenticated access to certain functions...

CVE-2024-43923 WordPress Timetics plugin <= 1.0.23 - Broken Access Control vulnerability

Missing Authorization vulnerability in Arraytics Timetics allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Timetics: from n/a through 1.0.23...

CVE-2024-43923

CVE-2024-43923 corresponds to a Missing Authorization vulnerability in the WordPress plugin Timetics (Arraytics Timetics). Connected sources identify affected versions as Timetics 1.0.0 through 1.0.23 and describe an authorization issue that allows accessing functionality not properly constrained...

CVE-2024-43923 WordPress Timetics plugin <= 1.0.23 - Broken Access Control vulnerability

Missing Authorization vulnerability in Arraytics Timetics allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Timetics: from n/a through 1.0.23...

WordPress plugin Timetics 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Timetics 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-27543 · Arraytics · Arraytics Timetics

Name of the Vulnerable Software and Affected Versions: Arraytics Timetics versions 1.0.0 through 1.0.21 Description: The issue is related to a Missing Authorization vulnerability in Arraytics Timetics, allowing exploitation of incorrectly configured access control security levels. Recommendations...

PT-2024-30784 · Arraytics · Arraytics Timetics

Name of the Vulnerable Software and Affected Versions: Arraytics Timetics versions 1.0.0 through 1.0.23 Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For versions 1.0.0 through...

CVE-2024-9263 WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin <= 1.0.25 - Insecure Direct Object Reference to Unauthenticated Arbitrary User Password/Email Reset/Account Takeover

The WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin plugin for WordPress is vulnerable to Account Takeover/Privilege Escalation via Insecure Direct Object Reference in all versions up to, and including, 1.0.25 via the save due to missing validation on a user...

WordPress plugin WP Timetics 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...