Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

63 matches found

RedhatCVE
RedhatCVEadded 2026/02/21 7:29 p.m.4 views

CVE-2026-22341

Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked booked allows Authentication Abuse.This issue affects Booked: from n/a through = 3.0.0...

6.7CVSS5.5AI score0.00092EPSS
Exploits0References1
NVD
NVDadded 2026/02/20 4:22 p.m.11 views

CVE-2026-22341

Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked booked allows Authentication Abuse.This issue affects Booked: from n/a through = 3.0.0...

6.7CVSS0.00092EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/02/20 3:46 p.m.5 views

CVE-2026-22341

Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked booked allows Authentication Abuse.This issue affects Booked: from n/a through = 3.0.0...

5.4AI score0.00092EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/02/20 3:46 p.m.21 views

CVE-2026-22341 WordPress Booked plugin <= 3.0.0 - Account Takeover vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked booked allows Authentication Abuse.This issue affects Booked: from n/a through = 3.0.0...

6.7CVSS0.00092EPSS
Exploits0References1
CVE
CVEadded 2026/02/20 3:46 p.m.9 views

CVE-2026-22341

CVE-2026-22341 is a WordPress plugin vulnerability in Case-Themes Booked (Booked) versions up to 3.0.0, described as an authentication bypass via an alternate path/channel that enables account takeover. Public sources (Wordfence/PT-2026-21194, Patchstack) indicate the issue affects Booked 3.0.0 ...

6.7CVSS5.5AI score0.00092EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/02/20 3:46 p.m.2 views

CVE-2026-22341 WordPress Booked plugin <= 3.0.0 - Account Takeover vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked booked allows Authentication Abuse.This issue affects Booked: from n/a through = 3.0.0...

6.7CVSS5.4AI score0.00092EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/02/20 12:0 a.m.16 views

WordPress plugin Booked 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.7CVSS5.8AI score0.00092EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/02/20 12:0 a.m.4 views

PT-2026-21194

Name of the Vulnerable Software and Affected Versions Case-Themes Booked versions through 3.0.0 Description An authentication bypass issue exists in Case-Themes Booked. This allows for authentication abuse by utilizing an alternate path or channel. Recommendations Update Case-Themes Booked to a...

5.4AI score0.00092EPSS
Exploits0References3
NVD
NVDadded 2026/02/03 10:16 p.m.3 views

CVE-2020-37077

Booked Scheduler 2.7.7 contains a directory traversal vulnerability in the manageemailtemplates.php script that allows authenticated administrators to access unauthorized files. Attackers can exploit the vulnerable 'tn' parameter to read files outside the intended directory by manipulating...

6.9CVSS0.00213EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/02/03 10:1 p.m.2 views

CVE-2020-37077 Booked Scheduler 2.7.7 - Authenticated Directory Traversal

Booked Scheduler 2.7.7 contains a directory traversal vulnerability in the manageemailtemplates.php script that allows authenticated administrators to access unauthorized files. Attackers can exploit the vulnerable 'tn' parameter to read files outside the intended directory by manipulating...

6.9CVSS5.4AI score0.00213EPSS
Exploits0References4
CVE
CVEadded 2026/02/03 10:1 p.m.6 views

CVE-2020-37077

Booked Scheduler 2.7.7 is affected by a directory traversal vulnerability in the manage_email_templates.php script. Authenticated administrators can use the vulnerable tn parameter to read files outside the intended directory. The underlying cause is improper directory traversal handling. Reporte...

6.9CVSS5.4AI score0.00213EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/02/03 10:1 p.m.4 views

CVE-2020-37077

Booked Scheduler 2.7.7 contains a directory traversal vulnerability in the manageemailtemplates.php script that allows authenticated administrators to access unauthorized files. Attackers can exploit the vulnerable 'tn' parameter to read files outside the intended directory by manipulating...

6.9CVSS5.4AI score0.00213EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2026/02/03 10:1 p.m.28 views

CVE-2020-37077 Booked Scheduler 2.7.7 - Authenticated Directory Traversal

Booked Scheduler 2.7.7 contains a directory traversal vulnerability in the manageemailtemplates.php script that allows authenticated administrators to access unauthorized files. Attackers can exploit the vulnerable 'tn' parameter to read files outside the intended directory by manipulating...

6.9CVSS0.00213EPSS
Exploits0References4
CNNVD
CNNVDadded 2026/02/03 12:0 a.m.2 views

Booked Scheduler 路径遍历漏洞

Booked Scheduler is a powerful scheduling solution provided by the Booked company. Version 2.7.7 of Booked Scheduler contains a path traversal vulnerability. This vulnerability stems from the tn parameter in the manageemailtemplates.php script, which exposes the script to directory traversal...

6.9CVSS5.8AI score0.00213EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/02/03 12:0 a.m.2 views

PT-2026-5828

Booked Scheduler 2.7.7 contains a directory traversal vulnerability in the manage email templates.php script that allows authenticated administrators to access unauthorized files. Attackers can exploit the vulnerable 'tn' parameter to read files outside the intended directory by manipulating...

6.9CVSS5.5AI score0.00213EPSS
Exploits0References5
Packet Storm News
Packet Storm Newsadded 2026/02/02 12:0 a.m.2 views

Booked Scheduler 2.5.15 Cross Site Request Forgery

A cross site request forgery vulnerability exists in Booked Scheduler version 2.5.15. The vulnerability allows remote attackers to perform unauthorized actions on behalf of authenticated users. This issue is older research added to the archive...

5.2AI score
Exploits0
Patchstack
Patchstackadded 2026/01/29 8:8 a.m.4 views

WordPress Booked plugin <= 3.0.0 - Account Takeover vulnerability

Account Takeover vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Booked versions = 3.0.0...

5.4CVSS5.9AI score0.00092EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologiesadded 2026/01/09 12:0 a.m.2 views

PT-2026-2166

Name of the Vulnerable Software and Affected Versions wpDiscuz versions prior to 7.6.47 Description The software contains a stored cross-site scripting issue that permits authenticated attackers to inject malicious JavaScript. This is achieved by importing a specially crafted options file...

6.3CVSS5.7AI score0.00059EPSS
Exploits0References8
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-52536

Malicious code in bioql PyPI...

6.1CVSS5.4AI score0.00276EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-14959

Malicious code in bioql PyPI...

5.4CVSS8.7AI score0.00106EPSS
Exploits0References1
Rows per page
Query Builder