Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/20 4:28 a.m.8 views

CVE-2024-13677

The GetBookingsWP – Appointments Booking Calendar Plugin For WordPress plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.27. This is due to the plugin not properly validating a user's identity prior to updating their details...

8.8CVSS7.1AI score0.00501EPSS
Exploits0References1
Circl
Circl
added 2025/02/18 5:16 a.m.7 views

CVE-2024-13677

creationtimestamp| type| source ---|---|--- 2025-02-18 05:16:54+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ligizvybgi23 2025-02-18 06:11:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ligm2xuym624 2025-02-18 06:48:57+00:00| seen|...

8.8CVSS7.3AI score0.00501EPSS
Exploits0References5
NVD
NVD
added 2025/02/18 5:15 a.m.15 views

CVE-2024-13677

The GetBookingsWP – Appointments Booking Calendar Plugin For WordPress plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.27. This is due to the plugin not properly validating a user's identity prior to updating their details...

8.8CVSS0.00501EPSS
Exploits0References2
CVE
CVE
added 2025/02/18 4:21 a.m.58 views

CVE-2024-13677

CVE-2024-13677 is associated with the GetBookingsWP WordPress plugin (Appointments Booking Calendar). The Wordfence vulnerability entry documents a privilege-escalation/account-takeover path in which an attacker with subscriber-level access or higher can update another user’s email without proper...

8.8CVSS7.2AI score0.00501EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/18 4:21 a.m.8 views

CVE-2024-13677 GetBookingsWp - Appointments & Bookings Plugin Basic Version <= 1.1.27 - Authenticated (Subscriber+) Privilege Escalation via Account Takeover

The GetBookingsWP – Appointments Booking Calendar Plugin For WordPress plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.27. This is due to the plugin not properly validating a user's identity prior to updating their details...

8.8CVSS8.9AI score0.00501EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/18 4:21 a.m.15 views

CVE-2024-13677 GetBookingsWp - Appointments & Bookings Plugin Basic Version <= 1.1.27 - Authenticated (Subscriber+) Privilege Escalation via Account Takeover

The GetBookingsWP – Appointments Booking Calendar Plugin For WordPress plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.27. This is due to the plugin not properly validating a user's identity prior to updating their details...

8.8CVSS0.00501EPSS
Exploits0References2
Rows per page
Query Builder