Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:19 p.m.5 views

CVE-2025-15473

The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status and post status for the "timetics-booking" custom post type...

4.3CVSS5.8AI score0.00164EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/12 6:31 a.m.4 views

EUVD-2025-208611

The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status and post status for the "timetics-booking" custom post type...

4.3CVSS5.8AI score0.00164EPSS
Exploits0References2
NVD
NVD
added 2026/03/12 6:16 a.m.5 views

CVE-2025-15473

The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status and post status for the "timetics-booking" custom post type...

4.3CVSS0.00164EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/12 6:0 a.m.2 views

CVE-2025-15473 Timetics < 1.0.52 - Unauthenticated Payment/Booking Status Update

The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status and post status for the "timetics-booking" custom post type...

5.8AI score0.00164EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/12 6:0 a.m.31 views

CVE-2025-15473 Timetics < 1.0.52 - Unauthenticated Payment/Booking Status Update

The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status and post status for the "timetics-booking" custom post type...

0.00164EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/12 6:0 a.m.6 views

CVE-2025-15473

The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status and post status for the "timetics-booking" custom post type...

5.8AI score0.00164EPSS
Exploits0References1
CVE
CVE
added 2026/03/12 6:0 a.m.15 views

CVE-2025-15473

CVE-2025-15473 concerns the Timetics WordPress plugin, prior to version 1.0.52 , which exposes a REST endpoint without proper authorization. This allows unauthenticated users to arbitrarily change a booking’s payment status and post status for the timetics-booking custom post type. The vulnerabil...

4.3CVSS5.8AI score0.00164EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.7 views

WordPress plugin Timetics 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.8AI score0.00164EPSS
Exploits0References1
Rows per page
Query Builder