Lucene search
+L

6 matches found

GithubExploit
GithubExploit
added 2025/01/11 2:50 a.m.255 views

Exploit for CVE-2024-12558

CVE-2024-12558-exploit Description The WP BASE Booking of A...

6.5CVSS6.2AI score0.01218EPSS
Exploits1
NVD
NVD
added 2024/12/21 10:15 a.m.19 views

CVE-2024-12558

The WP BASE Booking of Appointments, Services and Events plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportdb function in all versions up to, and including, 4.9.2. This makes it possible for authenticated attackers, with...

6.5CVSS0.01218EPSS
Exploits1References3
Circl
Circl
added 2024/12/21 9:42 a.m.11 views

CVE-2024-12558

creationtimestamp| type| source ---|---|--- 2024-12-21 09:42:26+00:00| seen| https://infosec.exchange/users/cve/statuses/113690158402957170 2024-12-21 10:15:24+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ldso7dstzc2k 2024-12-21 11:59:18+00:00| seen|...

6.5CVSS8.7AI score0.01218EPSS
Exploits1References5
CVE
CVE
added 2024/12/21 9:23 a.m.55 views

CVE-2024-12558

CVE-2024-12558 affects the WordPress plugin WP BASE Booking of Appointments, Services and Events . The vulnerability is a missing capability check in the export_db function across all versions up to and including 4.9.2, enabling an authenticated attacker with Subscriber+ privileges to access sens...

6.5CVSS6AI score0.01218EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/12/21 9:23 a.m.13 views

CVE-2024-12558 WP BASE Booking of Appointments, Services and Events <= 4.9.2 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure via app_export_db

The WP BASE Booking of Appointments, Services and Events plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportdb function in all versions up to, and including, 4.9.2. This makes it possible for authenticated attackers, with...

6.5CVSS6.1AI score0.01218EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/12/21 9:23 a.m.30 views

CVE-2024-12558 WP BASE Booking of Appointments, Services and Events <= 4.9.2 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure via app_export_db

The WP BASE Booking of Appointments, Services and Events plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportdb function in all versions up to, and including, 4.9.2. This makes it possible for authenticated attackers, with...

6.5CVSS0.01218EPSS
Exploits1References3
Rows per page
Query Builder