The WP FEvents Book plugin (version <= 0.46) allows arbitrary booking manipulation via Insecure Direct Object References (IDOR), enabling authenticated users to book, add notes, or cancel bookings on behalf of other users
Reporter | Title | Published | Views | Family All 7 |
---|---|---|---|---|
![]() | CVE-2023-1129 | 24 Apr 202319:15 | – | nvd |
![]() | CVE-2023-1129 | 24 Apr 202319:15 | – | cve |
![]() | WordPress WP FEvents Book Plugin <= 0.46 is vulnerable to Insecure Direct Object References (IDOR) | 5 Apr 202300:00 | – | patchstack |
![]() | WP FEvents Book <= 0.46 - Subscriber+ Arbitrary Booking Manipulation via IDOR | 3 Apr 202300:00 | – | wpexploit |
![]() | Design/Logic Flaw | 24 Apr 202319:15 | – | prion |
![]() | CVE-2023-1129 WP FEvents Book <= 0.46 - Subscriber+ Arbitrary Booking Manipulation via IDOR | 24 Apr 202318:30 | – | cvelist |
![]() | Wordfence Intelligence Weekly WordPress Vulnerability Report (Apr 3, 2023 to Apr 9, 2023) | 13 Apr 202312:03 | – | wordfence |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo