4 matches found
CVE-2024-5071
The Bookster WordPress plugin through 1.1.0 allows adding sensitive parameters when validating appointments allowing attackers to manipulate the data sent when booking an appointment the request body to change its status from pending to approved...
CVE-2024-5071 Bookster <= 1.1.0 - Unauthenticated Appointment Status Update
The Bookster WordPress plugin through 1.1.0 allows adding sensitive parameters when validating appointments allowing attackers to manipulate the data sent when booking an appointment the request body to change its status from pending to approved...
CVE-2024-5071 Bookster <= 1.1.0 - Unauthenticated Appointment Status Update
The Bookster WordPress plugin through 1.1.0 allows adding sensitive parameters when validating appointments allowing attackers to manipulate the data sent when booking an appointment the request body to change its status from pending to approved...
WordPress Bookster Plugin < 1.2.0 is vulnerable to Broken Access Control
Software Bookster Type Plugin Vulnerable versions 1.2.0 Fixed in 1.2.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-5071 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 83ef822591e4 Credits Roshan Cheriyan Required privilege...