CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

134 matches found

WPBookit <= 1.0.4 - Unauthenticated Arbitrary File Upload

The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the imageuploadhandle function hooked via the 'addbookingtype' route in all versions up to, and including, 1.0.4. id: CVE-2025-6058 info: name: WPBookit "; ifisset$GET"cmd" echo "";...

9.8CVSS5.9AI score0.05649EPSS

Exploits2References3

RedhatCVE•added 2026/03/26 5:4 p.m.•3 views

CVE-2026-25413

Unrestricted Upload of File with Dangerous Type vulnerability in iqonicdesign WPBookit Pro wpbookit-pro allows Using Malicious Files.This issue affects WPBookit Pro: from n/a through = 1.6.18...

9.9CVSS5.8AI score0.00328EPSS

Exploits0References1

RedhatCVE•added 2026/03/26 5:4 p.m.•3 views

CVE-2026-25414

Incorrect Privilege Assignment vulnerability in iqonicdesign WPBookit Pro wpbookit-pro allows Privilege Escalation.This issue affects WPBookit Pro: from n/a through = 1.6.18...

8.8CVSS5.8AI score0.00286EPSS

Exploits0References1

EUVD•added 2026/03/25 6:31 p.m.•3 views

EUVD-2026-15720

Unrestricted Upload of File with Dangerous Type vulnerability in iqonicdesign WPBookit Pro wpbookit-pro allows Using Malicious Files.This issue affects WPBookit Pro: from n/a through = 1.6.18...

5.8AI score0.00328EPSS

Exploits0References2

EUVD•added 2026/03/25 6:31 p.m.•3 views

EUVD-2026-15721

Incorrect Privilege Assignment vulnerability in iqonicdesign WPBookit Pro wpbookit-pro allows Privilege Escalation.This issue affects WPBookit Pro: from n/a through = 1.6.18...

5.8AI score0.00286EPSS

Exploits0References2

NVD•added 2026/03/25 5:16 p.m.•7 views

CVE-2026-25413

Unrestricted Upload of File with Dangerous Type vulnerability in iqonicdesign WPBookit Pro wpbookit-pro allows Using Malicious Files.This issue affects WPBookit Pro: from n/a through = 1.6.18...

9.9CVSS0.00328EPSS

Exploits0References1

NVD•added 2026/03/25 5:16 p.m.•2 views

CVE-2026-25414

Incorrect Privilege Assignment vulnerability in iqonicdesign WPBookit Pro wpbookit-pro allows Privilege Escalation.This issue affects WPBookit Pro: from n/a through = 1.6.18...

8.8CVSS0.00286EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:14 p.m.•1 views

CVE-2026-25413 WordPress WPBookit Pro plugin <= 1.6.18 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in iqonicdesign WPBookit Pro wpbookit-pro allows Using Malicious Files.This issue affects WPBookit Pro: from n/a through = 1.6.18...

9.9CVSS5.9AI score0.00328EPSS

Exploits0References1

CVE•added 2026/03/25 4:14 p.m.•6 views

CVE-2026-25414

Affected software: WordPress WPBookit Pro (iqonicdesign) wpbookit-pro, vulnerable through version 1.6.18. Root cause: incorrect privilege assignment enabling privilege escalation. Impact: high confidentiality, integrity, and availability risk (CVE-2026-25414). Exploit status: not specified in the...

8.8CVSS5.8AI score0.00286EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:14 p.m.•2 views

CVE-2026-25414 WordPress WPBookit Pro plugin <= 1.6.18 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in iqonicdesign WPBookit Pro wpbookit-pro allows Privilege Escalation.This issue affects WPBookit Pro: from n/a through = 1.6.18...

8.8CVSS5.8AI score0.00286EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•22 views

CVE-2026-25414 WordPress WPBookit Pro plugin <= 1.6.18 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in iqonicdesign WPBookit Pro wpbookit-pro allows Privilege Escalation.This issue affects WPBookit Pro: from n/a through = 1.6.18...

8.8CVSS0.00286EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•23 views

CVE-2026-25413 WordPress WPBookit Pro plugin <= 1.6.18 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in iqonicdesign WPBookit Pro wpbookit-pro allows Using Malicious Files.This issue affects WPBookit Pro: from n/a through = 1.6.18...

9.9CVSS0.00328EPSS

Exploits0References1

CVE•added 2026/03/25 4:14 p.m.•9 views

CVE-2026-25413

CVE-2026-25413 concerns an unrestricted file upload vulnerability in the iqonicdesign WPBookit Pro WordPress plugin (WPBookit Pro) up to version 1.6.18. The root cause is unrestricted upload of a file with a dangerous type, enabling potential use of malicious files. Multiple sources (Red Hat, NVD...

9.9CVSS5.8AI score0.00328EPSS

Exploits0References1

Positive Technologies•added 2026/03/25 12:0 a.m.•4 views

PT-2026-27941

Name of the Vulnerable Software and Affected Versions WPBookit Pro versions n/a through 1.6.18 Description The software contains a flaw that permits the upload of malicious files due to unrestricted file upload with a dangerous type. This allows for the use of malicious files. Recommendations...

9.9CVSS5.9AI score0.00328EPSS

Exploits0References4

Positive Technologies•added 2026/03/25 12:0 a.m.•2 views

PT-2026-27942

Name of the Vulnerable Software and Affected Versions WPBookit Pro versions n/a through 1.6.18 Description An incorrect privilege assignment exists in iqonicdesign WPBookit Pro wpbookit-pro, allowing for privilege escalation. The issue affects the software as described. Recommendations Update...

8.8CVSS5.9AI score0.00286EPSS

Exploits0References4

CNNVD•added 2026/03/25 12:0 a.m.•5 views

WordPress plugin WPBookit Pro 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.8CVSS5.8AI score0.00286EPSS

Exploits0References1

CNNVD•added 2026/03/25 12:0 a.m.•5 views

WordPress plugin WPBookit Pro 代码问题漏洞

9.9CVSS5.9AI score0.00328EPSS

Exploits0References1

Patchstack•added 2026/03/23 3:3 p.m.•4 views

WordPress WPBookit Pro plugin <= 1.6.18 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Phat RiO in WordPress Plugin WPBookit Pro versions = 1.6.18...

9.9CVSS5.8AI score0.00328EPSS

Exploits0Affected Software1

Patchstack•added 2026/03/23 1:32 p.m.•2 views

WordPress WPBookit Pro plugin <= 1.6.18 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Phat RiO in WordPress Plugin WPBookit Pro versions = 1.6.18...

8.8CVSS5.8AI score0.00286EPSS

Exploits0Affected Software1

Patchstack•added 2026/03/05 8:36 a.m.•6 views

WordPress WPBookit plugin <= 1.0.8 - Unauthenticated Stored Cross-Site Scripting via 'wpb_user_name' and 'wpb_user_email' Parameters vulnerability

Unauthenticated Stored Cross-Site Scripting via 'wpbusername' and 'wpbuseremail' Parameters vulnerability discovered by MD. TAREQ AHAMED JONY itztrq - Knight Squad in WordPress Plugin WPBookit versions = 1.0.8...

7.2CVSS5.9AI score0.00318EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by