Lucene search
WPScanVULNRICHMENT:CVE-2024-5071HistoryJun 26, 2024 - 6:00 a.m.
CVE-2024-5071 Bookster <= 1.1.0 - Unauthenticated Appointment Status Update
2024-06-2606:00:04
WPScan
github.com
cve-2024-5071
bookster
wordpress plugin
unauthenticated
appointment
status update
vulnerability
pending
approved
The Bookster WordPress plugin through 1.1.0 allows adding sensitive parameters when validating appointments allowing attackers to manipulate the data sent when booking an appointment (the request body) to change its status from pending to approved.
CNA Affected
[
{
"vendor": "Unknown",
"product": "Bookster ",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "semver",
"lessThanOrEqual": "1.1.0"
}
],
"defaultStatus": "affected"
}
]Related
nvd
nvd
CVE-2024-5071
2024-06-26 06:15:16
cve
cve
CVE-2024-5071
2024-06-26 06:15:16
wpexploit
wpexploit
Bookster <= 1.1.0 - Unauthenticated Appointment Status Update
2024-06-05 00:00:00
cvelist
cvelist
CVE-2024-5071 Bookster <= 1.1.0 - Unauthenticated Appointment Status Update
2024-06-26 06:00:04
wpvulndb
wpvulndb
Bookster <= 1.1.0 - Unauthenticated Appointment Status Update
2024-06-05 00:00:00
6.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for VULNRICHMENT:CVE-2024-5071