Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:31 p.m.7 views

CVE-2023-4252

The EventPrime WordPress plugin through 3.2.9 specifies the price of a booking in the client request, allowing an attacker to purchase bookings without payment...

5.3CVSS6.6AI score0.00541EPSS
Exploits2References1
NVD
NVD
added 2023/11/27 5:15 p.m.23 views

CVE-2023-4252

The EventPrime WordPress plugin through 3.2.9 specifies the price of a booking in the client request, allowing an attacker to purchase bookings without payment...

5.3CVSS0.00541EPSS
Exploits2References1
OSV
OSV
added 2023/11/27 5:15 p.m.4 views

CVE-2023-4252

The EventPrime WordPress plugin through 3.2.9 specifies the price of a booking in the client request, allowing an attacker to purchase bookings without payment...

5.3CVSS5.8AI score0.00541EPSS
Exploits2References1
CVE
CVE
added 2023/11/27 4:21 p.m.54 views

CVE-2023-4252

The CVE concerns the EventPrime WordPress plugin (up to version 3.2.9). The root cause is that the client request can specify the price of a booking, enabling an attacker to complete a booking without paying. Public docs corroborate the existence of a payment bypass vulnerability and provide a Po...

5.3CVSS5.1AI score0.00541EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2023/11/27 4:21 p.m.21 views

CVE-2023-4252 EventPrime <= 3.2.9 - Booking Pricing Bypass

The EventPrime WordPress plugin through 3.2.9 specifies the price of a booking in the client request, allowing an attacker to purchase bookings without payment...

5.5AI score0.00541EPSS
Exploits2References1
Rows per page
Query Builder