Lucene search
K

6 matches found

EUVD
EUVD
added 2026/03/04 3:31 a.m.6 views

EUVD-2026-9352

The WPBookit plugin for WordPress is vulnerable to unauthorized data disclosure due to a missing authorization check on the 'getcustomerlist' route in all versions up to, and including, 1.0.8. This makes it possible for unauthenticated attackers to retrieve sensitive customer information includin...

5.3CVSS5.9AI score0.00375EPSS
Exploits0References5
NVD
NVD
added 2026/03/04 2:15 a.m.7 views

CVE-2026-1980

The WPBookit plugin for WordPress is vulnerable to unauthorized data disclosure due to a missing authorization check on the 'getcustomerlist' route in all versions up to, and including, 1.0.8. This makes it possible for unauthenticated attackers to retrieve sensitive customer information includin...

5.3CVSS0.00375EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/04 1:21 a.m.3 views

CVE-2026-1980 WPBookit <= 1.0.8 - Missing Authorization to Unauthenticated Sensitive Customer Data Exposure

The WPBookit plugin for WordPress is vulnerable to unauthorized data disclosure due to a missing authorization check on the 'getcustomerlist' route in all versions up to, and including, 1.0.8. This makes it possible for unauthenticated attackers to retrieve sensitive customer information includin...

5.3CVSS5.9AI score0.00375EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/04 1:21 a.m.33 views

CVE-2026-1980 WPBookit <= 1.0.8 - Missing Authorization to Unauthenticated Sensitive Customer Data Exposure

The WPBookit plugin for WordPress is vulnerable to unauthorized data disclosure due to a missing authorization check on the 'getcustomerlist' route in all versions up to, and including, 1.0.8. This makes it possible for unauthenticated attackers to retrieve sensitive customer information includin...

5.3CVSS0.00375EPSS
Exploits0References4
CVE
CVE
added 2026/03/04 1:21 a.m.16 views

CVE-2026-1980

CVE-2026-1980 refers to the WPBookit WordPress plugin, affecting versions up to 1.0.8. Root cause: missing authorization on the get_customer_list route, enabling unauthenticated attackers to disclose sensitive customer data (names, emails, phone numbers, dates of birth, gender). Impact: unauthori...

5.3CVSS5.9AI score0.00375EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.12 views

PT-2026-22859

The WPBookit plugin for WordPress is vulnerable to unauthorized data disclosure due to a missing authorization check on the 'get customer list' route in all versions up to, and including, 1.0.8. This makes it possible for unauthenticated attackers to retrieve sensitive customer information...

5.3CVSS5.9AI score0.00375EPSS
Exploits0References5
Rows per page
Query Builder