Lucene search
K

5 matches found

CVE
CVE
added 2026/05/07 2:27 a.m.21 views

CVE-2026-4807

CVE-2026-4807 affects the WordPress plugin “Appointment Booking Calendar” (publicly exposed at WordPress.org) up to version 1.6.10.6. The root cause is missing authorization caused by flawed logic in nonce_permissions_check() combined with a site-wide public nonce exposed via /wp-json/ssa/v1/embe...

6.5CVSS5.9AI score0.00492EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/05/14 12:0 a.m.4 views

PT-2025-21146 · WordPress · Latepoint – Calendar Booking Plugin For Appointments/Events

Name of the Vulnerable Software and Affected Versions: LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress versions up to, and including, 5.1.92 Description: The issue allows unauthenticated attackers to retrieve appointment details, such as customer names and ema...

5.3CVSS6.1AI score0.00286EPSS
Exploits0References7
OSV
OSV
added 2024/10/31 7:15 p.m.2 views

CVE-2024-51066

An Insecure Direct Object Reference IDOR vulnerability in appointment-detail.php in Phpgurukul's Beauty Parlour Management System v1.1 allows unauthorized access to the Personally Identifiable Information PII of other customers...

7.5CVSS5.8AI score0.0049EPSS
Exploits1References2
Huntr
Huntr
added 2023/03/24 5:5 p.m.20 views

Improper Access Control which allows one provider to view and edit others provider appointment's details

Description Login using one provider's credential. After login successfully, notice there is POST request to /index.php/backendapi/ajaxgetcalendarappointments which allows the provider to view their own appointments information. However, by changing the recordid parameter to any number start from...

5.5CVSS5.6AI score0.00447EPSS
Exploits1
CNNVD
CNNVD
added 2022/01/05 12:0 a.m.5 views

Daybyday CRM 授权问题漏洞

DayByDay CRM is an open source CRM Customer Relationship Management software, based on Laravel, that helps users keep track of clients, tasks, meetings and more. DayByDay CRM Information Disclosure Vulnerability, the vulnerability stems from the product's failure to add an effective restriction o...

4.3CVSS5.7AI score0.0068EPSS
Exploits0References2
Rows per page
Query Builder