4 matches found
CVE-2024-34799 WordPress BookingPress plugin <= 1.0.82 - Appointment Duration Manipulation vulnerability
Missing Authorization vulnerability in Repute Infosystems BookingPress.This issue affects BookingPress: from n/a through 1.0.82...
CVE-2024-34799
CVE-2024-34799 is a Missing Authorization vulnerability in the BookingPress WordPress plugin, affecting BookingPress versions n/a–1.0.82. The issue allows an attacker to alter appointment times without authorization. Wordfence details indicate the vulnerability exists in BookingPress and has a pa...
CVE-2024-34799 WordPress BookingPress plugin <= 1.0.82 - Appointment Duration Manipulation vulnerability
Missing Authorization vulnerability in Repute Infosystems BookingPress.This issue affects BookingPress: from n/a through 1.0.82...
WordPress BookingPress Plugin <= 1.0.82 is vulnerable to Broken Access Control
Software BookingPress Type Plugin Vulnerable versions = 1.0.82 Fixed in 1.0.83 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-34799 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3083b71a4e1a Credits Mochamad Sofyan Required...