2 matches found
CVE-2024-1634
The Scheduling Plugin – Online Booking for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'cbsbdisconnectsettings' function in all versions up to, and including, 3.5.10. This makes it possible for unauthenticated attackers to...
WordPress Scheduling Plugin – Online Booking for WordPress Plugin <= 3.5.10 is vulnerable to Broken Access Control
Software Scheduling Plugin – Online Booking for WordPress Type Plugin Vulnerable versions = 3.5.10 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1634 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 166eecf10900...