EUVD-2026-29392

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.53...

CVE-2026-39432

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.53...

CVE-2026-39432 WordPress Timetics plugin <= 1.0.53 - Broken Access Control vulnerability

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.53...

CVE-2026-39432

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.53...

CVE-2026-39432

CVE-2026-39432 affects WordPress Timetics plugin (versions ≤ 1.0.53). The issue is a Missing Authorization vulnerability described as Broken Access Control, allowing exploitation due to incorrectly configured access control levels. CVSSv3.1 base score 8.2 (HIGH) with network attack vector, low at...

CVE-2026-39432 WordPress Timetics plugin <= 1.0.53 - Broken Access Control vulnerability

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.53...

WordPress plugin Timetics 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

PT-2026-39947

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.53...

WordPress Timetics plugin <= 1.0.53 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Simone Maion in WordPress Plugin Timetics versions = 1.0.53...

CVE-2025-15473

The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status and post status for the "timetics-booking" custom post type...

WordPress Timetics plugin < 1.0.52 - Unauthenticated Payment/Booking Status Update vulnerability

Unauthenticated Payment/Booking Status Update vulnerability discovered by Khaled Alenazi Nxploited in WordPress Plugin Timetics versions 1.0.52...

EUVD-2025-208611

The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status and post status for the "timetics-booking" custom post type...

CVE-2025-15473

The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status and post status for the "timetics-booking" custom post type...

CVE-2025-15473 Timetics < 1.0.52 - Unauthenticated Payment/Booking Status Update

The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status and post status for the "timetics-booking" custom post type...

CVE-2025-15473

The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status and post status for the "timetics-booking" custom post type...

CVE-2025-15473 Timetics < 1.0.52 - Unauthenticated Payment/Booking Status Update

The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status and post status for the "timetics-booking" custom post type...

CVE-2025-15473

The Timetics WordPress plugin (versions prior to 1.0.52) exposes a REST endpoint with insufficient authorization, allowing unauthenticated actors to arbitrarily modify a booking’s payment status and post status for the custom post type timetics-booking. The description does not provide exploit de...

WordPress plugin Timetics 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-24924

The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status and post status for the "timetics-booking" custom post type...

CVE-2025-67915

Authentication Bypass Using an Alternate Path or Channel vulnerability in Arraytics Timetics timetics allows Authentication Abuse.This issue affects Timetics: from n/a through = 1.0.46...