Lucene search
+L

3 matches found

NVD
NVD
added 2024/12/13 9:15 a.m.26 views

CVE-2024-11275

The WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the /wp-json/timetics/v1/customers/ REST API endpoint in all versions up to, and including, 1.0.27. This makes...

4.3CVSS0.00327EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/12/13 8:24 a.m.15 views

CVE-2024-11275 WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin <= 1.0.27 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Deletion

The WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the /wp-json/timetics/v1/customers/ REST API endpoint in all versions up to, and including, 1.0.27. This makes...

4.3CVSS6.6AI score0.00327EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/12/13 8:24 a.m.23 views

CVE-2024-11275 WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin <= 1.0.27 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Deletion

The WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the /wp-json/timetics/v1/customers/ REST API endpoint in all versions up to, and including, 1.0.27. This makes...

4.3CVSS0.00327EPSS
Exploits0References3
Rows per page
Query Builder