WordPress Bookit < 2.5.1 - Unauthenticated Stripe Settings Update

Bookit WordPress plugin 2.5.1 contains a broken access control vulnerability caused by a publicly accessible REST endpoint allowing unauthenticated update of Stripe payment options, letting remote attackers modify payment settings without authentication. id: CVE-2025-12841 info: name: WordPress...

CVE-2026-40780

Authentication Bypass Using an Alternate Path or Channel vulnerability in Liquid Web / StellarWP BookIt allows Password Recovery Exploitation. This issue affects BookIt: from n/a before 2.5.4.1...

CVE-2026-40780

Authentication Bypass Using an Alternate Path or Channel vulnerability in Liquid Web / StellarWP BookIt allows Password Recovery Exploitation. This issue affects BookIt: from n/a before 2.5.4.1...

CVE-2026-40780 WordPress BookIt plugin < 2.5.4.1 - Broken Authentication vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in Liquid Web / StellarWP BookIt allows Password Recovery Exploitation. This issue affects BookIt: from n/a before 2.5.4.1...

EUVD-2026-33948

Authentication Bypass Using an Alternate Path or Channel vulnerability in Liquid Web / StellarWP BookIt allows Password Recovery Exploitation. This issue affects BookIt: from n/a before 2.5.4.1...

CVE-2026-40780 WordPress BookIt plugin < 2.5.4.1 - Broken Authentication vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in Liquid Web / StellarWP BookIt allows Password Recovery Exploitation. This issue affects BookIt: from n/a before 2.5.4.1...

CVE-2026-40780

Authentication Bypass Using an Alternate Path or Channel vulnerability in Liquid Web / StellarWP BookIt allows Password Recovery Exploitation. This issue affects BookIt: from n/a before 2.5.4.1...

CVE-2026-40780

CVE-2026-40780 (WordPress BookIt plugin) : Affected product is the BookIt plugin (Liquid Web / StellarWP) for WordPress. The vulnerability is a broken authentication/password-recovery bypass via an alternate path or channel, enabling password recovery exploitation. Affects BookIt versions prior t...

PT-2026-45779

Authentication Bypass Using an Alternate Path or Channel vulnerability in Liquid Web / StellarWP BookIt allows Password Recovery Exploitation. This issue affects BookIt: from n/a before 2.5.4.1...

WordPress plugin BookIt 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress BookIt plugin <= 2.5.1 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by davidfdzmorilla in WordPress Plugin BookIt versions = 2.5.1...

WordPress Bookit plugin < 2.5.1 - Unauthenticated Settings Update vulnerability

Unauthenticated Settings Update vulnerability discovered by Khaled Alenazi Nxploited in WordPress Plugin BookIt versions 2.5.1...

CVE-2025-12841

The Bookit WordPress plugin before 2.5.1 has a publicly accessible REST endpoint that allows unauthenticated update of the plugins Stripe payment options...

CVE-2025-12841

The Bookit WordPress plugin before 2.5.1 has a publicly accessible REST endpoint that allows unauthenticated update of the plugins Stripe payment options...

CVE-2025-12841

CVE-2025-12841 affects the WordPress plugin Bookit . Prior to version 2.5.1, it exposes a publicly accessible REST endpoint that allows unauthenticated updates to the plugin’s Stripe payment options. Exposure stems from missing authorization on REST endpoints. The vulnerability is documented acro...

EUVD-2025-203065

The Bookit WordPress plugin before 2.5.1 has a publicly accessible REST endpoint that allows unauthenticated update of the plugins Stripe payment options...

CVE-2025-12841 Bookit < 2.5.1 – Unauthenticated Settings Update

The Bookit WordPress plugin before 2.5.1 has a publicly accessible REST endpoint that allows unauthenticated update of the plugins Stripe payment options...

CVE-2025-12841 Bookit < 2.5.1 – Unauthenticated Settings Update

The Bookit WordPress plugin before 2.5.1 has a publicly accessible REST endpoint that allows unauthenticated update of the plugins Stripe payment options...

PT-2025-50919

Name of the Vulnerable Software and Affected Versions Bookit WordPress plugin versions prior to 2.5.1 Description The Bookit WordPress plugin contains a publicly accessible REST endpoint that allows unauthenticated modification of the plugin's Stripe payment settings. This allows attackers to alt...

WordPress plugin Bookit 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...