Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:55 p.m.9 views

CVE-2022-4340

The BookingPress WordPress plugin before 1.0.31 suffers from an Insecure Direct Object Reference IDOR vulnerability in it's thank you page, allowing any visitor to display information about any booking, including full name, date, time and service booked, by manipulating the appointmentid query...

5.3CVSS6.5AI score0.00669EPSS
Exploits2References1
Circl
Circl
added 2023/01/03 12:29 a.m.4 views

CVE-2022-4340

creationtimestamp| type| source ---|---|--- 2023-01-03 00:29:47+00:00| seen| https://t.me/cibsecurity/55772...

5.3CVSS5.5AI score0.00669EPSS
Exploits2References1
NVD
NVD
added 2023/01/02 10:15 p.m.24 views

CVE-2022-4340

The BookingPress WordPress plugin before 1.0.31 suffers from an Insecure Direct Object Reference IDOR vulnerability in it's thank you page, allowing any visitor to display information about any booking, including full name, date, time and service booked, by manipulating the appointmentid query...

5.3CVSS5.2AI score0.00669EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/01/02 9:49 p.m.24 views

CVE-2022-4340 BookingPress < 1.0.31 - Unauthenticated IDOR in appointment_id

The BookingPress WordPress plugin before 1.0.31 suffers from an Insecure Direct Object Reference IDOR vulnerability in it's thank you page, allowing any visitor to display information about any booking, including full name, date, time and service booked, by manipulating the appointmentid query...

5.5AI score0.00669EPSS
Exploits2References1
CVE
CVE
added 2023/01/02 9:49 p.m.57 views

CVE-2022-4340

BookingPress WordPress plugin (versions before 1.0.31) is affected by an Insecure Direct Object Reference (IDOR) in the thank-you page. The underlying issue enables unauthenticated users to view booking details (full name, date, time, service) by altering the appointment_id parameter. Reported in...

5.3CVSS5.1AI score0.00669EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/02 9:49 p.m.6 views

CVE-2022-4340 BookingPress < 1.0.31 - Unauthenticated IDOR in appointment_id

The BookingPress WordPress plugin before 1.0.31 suffers from an Insecure Direct Object Reference IDOR vulnerability in it's thank you page, allowing any visitor to display information about any booking, including full name, date, time and service booked, by manipulating the appointmentid query...

5.2AI score0.00669EPSS
Exploits2References1
Rows per page
Query Builder