Lucene search
K

4 matches found

NVD
NVD
added 2024/06/26 6:15 a.m.26 views

CVE-2024-5071

The Bookster WordPress plugin through 1.1.0 allows adding sensitive parameters when validating appointments allowing attackers to manipulate the data sent when booking an appointment the request body to change its status from pending to approved...

6.5CVSS0.004EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/06/26 6:0 a.m.14 views

CVE-2024-5071 Bookster <= 1.1.0 - Unauthenticated Appointment Status Update

The Bookster WordPress plugin through 1.1.0 allows adding sensitive parameters when validating appointments allowing attackers to manipulate the data sent when booking an appointment the request body to change its status from pending to approved...

6.7AI score0.004EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/06/26 6:0 a.m.24 views

CVE-2024-5071 Bookster <= 1.1.0 - Unauthenticated Appointment Status Update

The Bookster WordPress plugin through 1.1.0 allows adding sensitive parameters when validating appointments allowing attackers to manipulate the data sent when booking an appointment the request body to change its status from pending to approved...

0.004EPSS
Exploits2References1
Patchstack
Patchstack
added 2024/06/26 12:0 a.m.11 views

WordPress Bookster Plugin < 1.2.0 is vulnerable to Broken Access Control

Software Bookster Type Plugin Vulnerable versions 1.2.0 Fixed in 1.2.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-5071 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 83ef822591e4 Credits Roshan Cheriyan Required privilege...

6.5CVSS6.5AI score0.004EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder