2 matches found
CVE-2022-0720
The Amelia WordPress plugin before 1.0.47 does not have proper authorisation when managing appointments, allowing any customer to update other's booking, as well as retrieve sensitive information about the bookings, such as the full name and phone number of the person who booked it...
CVE-2022-0720
CVE-2022-0720 affects the WordPress Amelia plugin prior to 1.0.47. The described vulnerability is improper authorization when managing appointments, allowing any customer to update someone else’s booking and to retrieve sensitive information (full name and phone number). The issue is supported by...