2 matches found
CVE-2025-3769
creationtimestamp| type| source ---|---|--- 2025-05-14 11:31:17+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16296 2025-05-14 12:04:01+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp4xf6b5fmv2 2025-05-14 13:02:54+00:00| seen|...
CVE-2025-3769 Latepoint <= 5.1.92 - Unauthenticated Insecure Direct Object Reference
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.92 via the 'viewbookingsummaryinlightbox' due to missing validation on a user controlled key. This makes it possible...