CVE-2026-24963

Incorrect Privilege Assignment vulnerability in ameliabooking Amelia ameliabooking allows Privilege Escalation.This issue affects Amelia: from n/a through = 1.2.38...

CVE-2026-24963

CVE-2026-24963 is a Privilege Escalation flaw in the WordPress plugin Amelia Booking (Booking for Appointments and Events Calendar – Amelia) affecting versions up to 1.2.38. The issue is an Incorrect Privilege Assignment allowing an authenticated user (Employee+) to escalate privileges. Public so...

CVE-2026-24963 WordPress Amelia plugin <= 1.2.38 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in ameliabooking Amelia ameliabooking allows Privilege Escalation.This issue affects Amelia: from n/a through = 1.2.38...

WordPress plugin Amelia 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-23223

Name of the Vulnerable Software and Affected Versions Amelia versions through 1.2.38 Description An incorrect privilege assignment issue exists in ameliabooking Amelia, potentially allowing privilege escalation. The issue affects the application’s access control mechanisms. Recommendations Update...

WordPress Amelia plugin <= 1.2.38 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by daroo in WordPress Plugin Amelia versions = 1.2.38...

CVE-2026-24967

Missing Authorization vulnerability in ameliabooking Amelia ameliabooking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Amelia: from n/a through = 1.2.38...

EUVD-2026-5242

Missing Authorization vulnerability in ameliabooking Amelia ameliabooking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Amelia: from n/a through = 1.2.38...

CVE-2026-24967 WordPress Amelia plugin <= 1.2.38 - Broken Access Control vulnerability

Missing Authorization vulnerability in ameliabooking Amelia ameliabooking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Amelia: from n/a through = 1.2.38...

CVE-2026-24967

CVE-2026-24967 affects the WordPress Amelia plugin (ameliabooking) version

CVE-2026-24967 WordPress Amelia plugin <= 1.2.38 - Broken Access Control vulnerability

Missing Authorization vulnerability in ameliabooking Amelia ameliabooking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Amelia: from n/a through = 1.2.38...

PT-2026-6230

Name of the Vulnerable Software and Affected Versions ameliabooking versions through 1.2.38 Description An issue exists in ameliabooking Amelia ameliabooking related to incorrectly configured access control security levels, allowing for missing authorization. The issue allows exploitation of acce...

WordPress Amelia plugin <= 1.2.38 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Bao - BlueRock in WordPress Plugin Amelia versions = 1.2.38...

CVE-2025-14720 Booking for Appointments and Events Calendar – Amelia <= 1.2.38 - Missing Authorization to Unauthenticated Multiple AJAX Actions

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on multiple AJAX actions in all versions up to, and including, 1.2.38. This makes it possible for unauthenticated attackers to mark payments as...

CVE-2025-14720

CVE-2025-14720 : Booking for Appointments and Events Calendar – Amelia (WordPress) is vulnerable to unauthorized access due to missing capability checks on multiple AJAX actions in all versions up to 1.2.38. Unauthenticated attackers can mark payments as refunded, trigger sending of queued notifi...

WordPress plugin Amelia 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2026-1751

Name of the Vulnerable Software and Affected Versions Amelia plugin for WordPress versions up to and including 1.2.38 Description The Amelia plugin for WordPress is susceptible to unauthorized access because of absent capability checks on several AJAX actions. This allows unauthenticated attacker...

CVE-2025-68569

Missing Authorization vulnerability in codepeople WP Time Slots Booking Form wp-time-slots-booking-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Time Slots Booking Form: from n/a through = 1.2.39...

EUVD-2025-205266

Missing Authorization vulnerability in codepeople WP Time Slots Booking Form wp-time-slots-booking-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Time Slots Booking Form: from n/a through = 1.2.38...

CVE-2025-68569

Missing Authorization vulnerability in codepeople WP Time Slots Booking Form wp-time-slots-booking-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Time Slots Booking Form: from n/a through = 1.2.39...