Lucene search
K

6 matches found

Cvelist
Cvelist
added 2025/12/09 2:14 p.m.22 views

CVE-2025-67581 WordPress TrueBooker plugin <= 1.1.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in themetechmount TrueBooker truebooker-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TrueBooker: from n/a through = 1.1.0...

5.3CVSS0.00176EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/25 12:0 a.m.2 views

WordPress Booking Calendar Contact Form Plugin Missing Authorization Vulnerability

WordPress Booking Calendar Contact Form Plugin is a tool for creating contact forms with booking calendar functionality, supporting date selection, price configuration, PayPal payment integration, etc. for hotel and event booking scenarios. The WordPress Booking Calendar Contact Form Plugin suffe...

5.3CVSS6.5AI score0.00265EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/22 12:0 a.m.6 views

WordPress plugin Booking Calendar Contact Form 安全漏洞

WordPress Booking Calendar Contact Form Plugin is a tool for creating contact forms with booking calendar functionality, supporting date selection, price configuration, PayPal payment integration, etc. for hotel and event booking scenarios. The WordPress Booking Calendar Contact Form Plugin suffe...

5.3CVSS6.6AI score0.00265EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 2:58 a.m.3 views

CVE-2023-1129

The WP FEvents Book WordPress plugin through 0.46 does not ensures that bookings to be updated belong to the user making the request, allowing any authenticated user to book, add notes, or cancel booking on behalf of other users...

6.5CVSS8.7AI score0.00555EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/11/27 4:21 p.m.10 views

CVE-2023-4252 EventPrime <= 3.2.9 - Booking Pricing Bypass

The EventPrime WordPress plugin through 3.2.9 specifies the price of a booking in the client request, allowing an attacker to purchase bookings without payment...

6.9AI score0.00541EPSS
Exploits2References1
CVE
CVE
added 2023/10/31 1:54 p.m.57 views

CVE-2023-4251

The CVE-2023-4251 entry concerns the EventPrime WordPress plugin, specifically versions prior to 3.2.0. The issue is a missing CSRF check when creating bookings, allowing an attacker to induce logged-in users to create bookings via CSRF exploitation. Impact is described as enabling unwanted booki...

4.3CVSS4.5AI score0.00231EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder