Lucene search
WPScanCVELIST:CVE-2024-5071HistoryJun 26, 2024 - 6:00 a.m.
CVE-2024-5071 Bookster <= 1.1.0 - Unauthenticated Appointment Status Update
2024-06-2606:00:04
WPScan
www.cve.org
3
cve-2024-5071
bookster
wordpress
unauthenticated
appointment
status
update
validation
manipulate
pending
approved
sensitive
parameters.
0.0004 Low
EPSS
Percentile
9.1%
The Bookster WordPress plugin through 1.1.0 allows adding sensitive parameters when validating appointments allowing attackers to manipulate the data sent when booking an appointment (the request body) to change its status from pending to approved.
CNA Affected
[
{
"vendor": "Unknown",
"product": "Bookster ",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThanOrEqual": "1.1.0"
}
],
"defaultStatus": "affected"
}
]Related
vulnrichment
vulnrichment
CVE-2024-5071 Bookster <= 1.1.0 - Unauthenticated Appointment Status Update
2024-06-26 06:00:04
nvd
nvd
CVE-2024-5071
2024-06-26 06:15:16
cve
cve
CVE-2024-5071
2024-06-26 06:15:16
wpvulndb
wpvulndb
Bookster <= 1.1.0 - Unauthenticated Appointment Status Update
2024-06-05 00:00:00
wpexploit
wpexploit
Bookster <= 1.1.0 - Unauthenticated Appointment Status Update
2024-06-05 00:00:00