Search

Find a vulnerability

Search criteria

    14 vulnerabilities found for Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress by reputeinfosystems

    CVE-2024-11726 (GCVE-0-2024-11726)

    Vulnerability from nvd – Published: 2024-12-24 11:09 – Updated: 2026-04-08 16:59
    VLAI
    Title
    Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress <= 1.1.21 - Authenticated (Contributor+) SQL Injection
    Summary
    The Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress plugin for WordPress is vulnerable to SQL Injection via the 'category' parameter of the 'bookingpress_form' shortcode in all versions up to, and including, 1.1.21 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    Credits
    Khayal Farzaliyev
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-11726",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-24T14:38:52.433692Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-24T14:39:00.800Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress",
              "vendor": "reputeinfosystems",
              "versions": [
                {
                  "lessThanOrEqual": "1.1.21",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Khayal Farzaliyev"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress plugin for WordPress is vulnerable to SQL Injection via the \u0027category\u0027 parameter of the \u0027bookingpress_form\u0027 shortcode in all versions up to, and including, 1.1.21 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T16:59:19.978Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6d081b89-1b98-4f4f-8728-d1ea676d7afd?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3206780/bookingpress-appointment-booking/trunk/core/classes/frontend/class.bookingpress_appointment_bookings.php"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-12-23T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress \u003c= 1.1.21 - Authenticated (Contributor+) SQL Injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-11726",
        "datePublished": "2024-12-24T11:09:50.216Z",
        "dateReserved": "2024-11-25T20:45:40.959Z",
        "dateUpdated": "2026-04-08T16:59:19.978Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-10540 (GCVE-0-2024-10540)

    Vulnerability from nvd – Published: 2024-11-02 02:03 – Updated: 2026-04-08 16:41
    VLAI
    Title
    Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress <= 1.1.16 - Authenticated (Subscriber+) SQL Injection
    Summary
    The Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress plugin for WordPress is vulnerable to SQL Injection via the 'service' parameter of the bookingpress_form shortcode in all versions up to, and including, 1.1.16 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    Credits
    Arkadiusz Hydzik
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-10540",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-02T16:44:34.100967Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-02T16:44:50.978Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress",
              "vendor": "reputeinfosystems",
              "versions": [
                {
                  "lessThanOrEqual": "1.1.16",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Arkadiusz Hydzik"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress plugin for WordPress is vulnerable to SQL Injection via the \u0027service\u0027 parameter of the bookingpress_form shortcode in all versions up to, and including, 1.1.16 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T16:41:25.920Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/21690b9c-ffec-4195-8c0f-2b1801552bc6?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress.php#L358"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/trunk/core/classes/frontend/class.bookingpress_appointment_bookings.php#L3683"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/trunk/core/classes/frontend/class.bookingpress_appointment_bookings.php#L4620"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3179229/bookingpress-appointment-booking/trunk/core/classes/frontend/class.bookingpress_appointment_bookings.php"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-11-01T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress \u003c= 1.1.16 - Authenticated (Subscriber+) SQL Injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-10540",
        "datePublished": "2024-11-02T02:03:07.525Z",
        "dateReserved": "2024-10-30T12:04:21.636Z",
        "dateUpdated": "2026-04-08T16:41:25.920Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-7350 (GCVE-0-2024-7350)

    Vulnerability from nvd – Published: 2024-08-08 02:32 – Updated: 2024-08-08 13:23
    VLAI
    Title
    Appointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress 1.1.6 - 1.1.7 - Authentication Bypass to Account Takeover
    Summary
    The Appointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress plugin for WordPress is vulnerable to authentication bypass in versions 1.1.6 to 1.1.7. This is due to the plugin not properly verifying a user's identity prior to logging them in when completing a booking. This makes it possible for unauthenticated attackers to log in as registered users, including administrators, if they have access to that user's email. This is only exploitable when the 'Auto login user after successful booking' setting is enabled.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-288 - Authentication Bypass Using an Alternate Path or Channel
    Assigner
    Impacted products
    Vendor Product Version
    reputeinfosystems Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress Affected: 1.1.6 , ≤ 1.1.7 (semver)
    Create a notification for this product.
    reputeinfosystems appointment_booking_calendar_plugin_and_scheduling_plugin_bookingpress Affected: 1.1.6 , ≤ 1.1.7 (semver)
        cpe:2.3:a:reputeinfosystems:appointment_booking_calendar_plugin_and_scheduling_plugin_bookingpress:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Gibran Abdillah
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:reputeinfosystems:appointment_booking_calendar_plugin_and_scheduling_plugin_bookingpress:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "appointment_booking_calendar_plugin_and_scheduling_plugin_bookingpress",
                "vendor": "reputeinfosystems",
                "versions": [
                  {
                    "lessThanOrEqual": "1.1.7",
                    "status": "affected",
                    "version": "1.1.6",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7350",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-08T13:17:52.373438Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-08T13:23:12.522Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress",
              "vendor": "reputeinfosystems",
              "versions": [
                {
                  "lessThanOrEqual": "1.1.7",
                  "status": "affected",
                  "version": "1.1.6",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Gibran Abdillah"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Appointment Booking Calendar Plugin and Online Scheduling Plugin \u2013 BookingPress plugin for WordPress is vulnerable to authentication bypass in versions 1.1.6 to 1.1.7. This is due to the plugin not properly verifying a user\u0027s identity prior to logging them in when completing a booking. This makes it possible for unauthenticated attackers to log in as registered users, including administrators, if they have access to that user\u0027s email.  This is only exploitable when the \u0027Auto login user after successful booking\u0027 setting is enabled."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-288",
                  "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-08T02:32:06.827Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4c367565-75f7-4dd7-a2f1-111df581bd7a?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_customers.php#L339"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3130266/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_customers.php"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-08-07T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Appointment Booking Calendar Plugin and Online Scheduling Plugin \u2013 BookingPress 1.1.6  - 1.1.7 - Authentication Bypass to Account Takeover"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-7350",
        "datePublished": "2024-08-08T02:32:06.827Z",
        "dateReserved": "2024-07-31T20:31:57.740Z",
        "dateUpdated": "2024-08-08T13:23:12.522Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-6660 (GCVE-0-2024-6660)

    Vulnerability from nvd – Published: 2024-07-17 06:45 – Updated: 2026-04-08 17:04
    VLAI
    Title
    BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin <= 1.1.5 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update and Arbitrary File Upload
    Summary
    The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the bookingpress_import_data_continue_process_func function in all versions up to, and including, 1.1.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site and upload arbitrary files. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-280 - Improper Handling of Insufficient Permissions or Privileges
    Assigner
    Impacted products
    Vendor Product Version
    reputeinfosystems Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress Affected: 0 , ≤ 1.1.5 (semver)
    Create a notification for this product.
    reputeinfosystems bookingpress Affected: 0 , ≤ 1.1.5 (semver)
        cpe:2.3:a:reputeinfosystems:bookingpress:*:*:*:*:*:wordpress:*:*
    Create a notification for this product.
    Credits
    Khayal Farzaliyev
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:reputeinfosystems:bookingpress:*:*:*:*:*:wordpress:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "bookingpress",
                "vendor": "reputeinfosystems",
                "versions": [
                  {
                    "lessThanOrEqual": "1.1.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6660",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-17T18:50:10.975366Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-17T18:56:33.236Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:41:04.263Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/851ff861-474e-4063-88ff-d8d35b10e9a0?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_import_export.php#L476"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_import_export.php#L410"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_import_export.php#L1491"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/changeset/3116857/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_import_export.php?contextall=1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress",
              "vendor": "reputeinfosystems",
              "versions": [
                {
                  "lessThanOrEqual": "1.1.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Khayal Farzaliyev"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The BookingPress \u2013 Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the bookingpress_import_data_continue_process_func function in all versions up to, and including, 1.1.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site and upload arbitrary files. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-280",
                  "description": "CWE-280 Improper Handling of Insufficient Permissions or Privileges",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:04:32.181Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/851ff861-474e-4063-88ff-d8d35b10e9a0?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_import_export.php#L476"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_import_export.php#L410"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_import_export.php#L1491"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3116857/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_import_export.php?contextall=1"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-07-16T18:09:31.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "BookingPress \u2013 Appointment Booking Calendar Plugin and Online Scheduling Plugin \u003c= 1.1.5 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update and Arbitrary File Upload"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-6660",
        "datePublished": "2024-07-17T06:45:09.895Z",
        "dateReserved": "2024-07-10T17:00:38.818Z",
        "dateUpdated": "2026-04-08T17:04:32.181Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-6467 (GCVE-0-2024-6467)

    Vulnerability from nvd – Published: 2024-07-17 06:45 – Updated: 2026-04-08 17:24
    VLAI
    Title
    BookingPress Appointment Booking <= 1.1.5 - Authenticated (Subscriber+) Arbitrary File Read to Arbitrary File Creation
    Summary
    The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress is vulnerable to Arbitrary File Read to Arbitrary File Creation in all versions up to, and including, 1.1.5 via the 'bookingpress_save_lite_wizard_settings_func' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create arbitrary files that contain the content of files (either on the local server or from a remote location), allowing the execution of any PHP code in those files or the exposure of sensitive information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-73 - External Control of File Name or Path
    Assigner
    Impacted products
    Vendor Product Version
    reputeinfosystems Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress Affected: 0 , ≤ 1.1.5 (semver)
    Create a notification for this product.
    reputeinfosystems bookingpress Affected: 0 , ≤ 1.1.5 (semver)
        cpe:2.3:a:reputeinfosystems:bookingpress:*:*:*:*:*:wordpress:*:*
    Create a notification for this product.
    Credits
    Arkadiusz Hydzik
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:reputeinfosystems:bookingpress:*:*:*:*:*:wordpress:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "bookingpress",
                "vendor": "reputeinfosystems",
                "versions": [
                  {
                    "lessThanOrEqual": "1.1.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6467",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-23T14:40:47.626122Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-23T14:44:53.298Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:41:03.419Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d0177510-cd7d-4cc5-96c3-78433aa0e3f6?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/changeset/3116857/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress",
              "vendor": "reputeinfosystems",
              "versions": [
                {
                  "lessThanOrEqual": "1.1.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Arkadiusz Hydzik"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The BookingPress \u2013 Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress is vulnerable to Arbitrary File Read to Arbitrary File Creation in all versions up to, and including, 1.1.5 via the \u0027bookingpress_save_lite_wizard_settings_func\u0027 function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create arbitrary files that contain the content of files (either on the local server or from a remote location), allowing the execution of any PHP code in those files or the exposure of sensitive information."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-73",
                  "description": "CWE-73 External Control of File Name or Path",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:24:48.331Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d0177510-cd7d-4cc5-96c3-78433aa0e3f6?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3116857/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress.php"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-07-03T00:00:00.000Z",
              "value": "Vendor Notified"
            },
            {
              "lang": "en",
              "time": "2024-07-16T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "BookingPress Appointment Booking \u003c= 1.1.5 - Authenticated (Subscriber+) Arbitrary File Read to Arbitrary File Creation"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-6467",
        "datePublished": "2024-07-17T06:45:11.571Z",
        "dateReserved": "2024-07-03T00:36:15.239Z",
        "dateUpdated": "2026-04-08T17:24:48.331Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-3022 (GCVE-0-2024-3022)

    Vulnerability from nvd – Published: 2024-04-04 01:56 – Updated: 2026-04-08 16:33
    VLAI
    Title
    BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin <= 1.0.87 - Authenticated (Admin+) Arbitrary File Upload
    Summary
    The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient filename validation in the 'bookingpress_process_upload' function in all versions up to, and including 1.0.87. This allows an authenticated attacker with administrator-level capabilities or higher to upload arbitrary files on the affected site's server, enabling remote code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-434 - Unrestricted Upload of File with Dangerous Type
    Assigner
    Impacted products
    Vendor Product Version
    reputeinfosystems Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress Affected: 0 , ≤ 1.0.87 (semver)
    Create a notification for this product.
    reputeinfosystems bookingpress Affected: 0 , < 1.0.87 (custom)
        cpe:2.3:a:reputeinfosystems:bookingpress:*:*:*:*:*:wordpress:*:*
    Create a notification for this product.
    Credits
    Dian Sun
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:reputeinfosystems:bookingpress:*:*:*:*:*:wordpress:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "bookingpress",
                "vendor": "reputeinfosystems",
                "versions": [
                  {
                    "lessThan": "1.0.87",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-3022",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-04T15:22:22.052698Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-20T15:17:18.951Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T19:32:42.511Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/049ec264-3ed1-4741-937d-8a633ef0a627?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://r0ot.notion.site/BookingPress-1-0-84-Authenticated-Administrator-Arbitrary-File-Upload-lead-to-RCE-e2603371c0c14d828144e26f2fdc1d01?pvs=4"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/changeset/3061435/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_fileupload_class.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress",
              "vendor": "reputeinfosystems",
              "versions": [
                {
                  "lessThanOrEqual": "1.0.87",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Dian Sun"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient filename validation in the \u0027bookingpress_process_upload\u0027 function in all versions up to, and including 1.0.87. This allows an authenticated attacker with administrator-level capabilities or higher to upload arbitrary files on the affected site\u0027s server, enabling remote code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T16:33:13.451Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/049ec264-3ed1-4741-937d-8a633ef0a627?source=cve"
            },
            {
              "url": "https://r0ot.notion.site/BookingPress-1-0-84-Authenticated-Administrator-Arbitrary-File-Upload-lead-to-RCE-e2603371c0c14d828144e26f2fdc1d01?pvs=4"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3061435/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_fileupload_class.php"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-04-03T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "BookingPress \u2013 Appointment Booking Calendar Plugin and Online Scheduling Plugin \u003c= 1.0.87 - Authenticated (Admin+) Arbitrary File Upload"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-3022",
        "datePublished": "2024-04-04T01:56:44.555Z",
        "dateReserved": "2024-03-27T18:18:50.249Z",
        "dateUpdated": "2026-04-08T16:33:13.451Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-6219 (GCVE-0-2023-6219)

    Vulnerability from nvd – Published: 2023-11-28 02:37 – Updated: 2026-04-08 17:00
    VLAI
    Title
    BookingPress <= 1.0.76 - Authenticated (Administrator+) Arbitrary File Upload
    Summary
    The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'bookingpress_process_upload' function in versions up to, and including, 1.0.76. This makes it possible for authenticated attackers with administrator-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-434 - Unrestricted Upload of File with Dangerous Type
    Assigner
    Impacted products
    Vendor Product Version
    reputeinfosystems Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress Affected: 0 , ≤ 1.0.76 (semver)
    Create a notification for this product.
    reputeinfosystems bookingpress Affected: 0 , ≤ 1.0.76 (semver)
        cpe:2.3:a:reputeinfosystems:bookingpress:*:*:*:*:*:wordpress:*:*
    Create a notification for this product.
    Credits
    István Márton
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:reputeinfosystems:bookingpress:*:*:*:*:*:wordpress:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "bookingpress",
                "vendor": "reputeinfosystems",
                "versions": [
                  {
                    "lessThanOrEqual": "1.0.76",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-6219",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-11T15:31:44.533081Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-17T18:58:18.037Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:21:18.053Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/710b8e4e-01de-4e99-8cf2-31abc2419b29?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/tags/1.0.76/core/classes/class.bookingpress_fileupload_class.php#L140"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/changeset/3001484/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_settings.php"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/changeset/3001484/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_fileupload_class.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress",
              "vendor": "reputeinfosystems",
              "versions": [
                {
                  "lessThanOrEqual": "1.0.76",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Istv\u00e1n M\u00e1rton"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the \u0027bookingpress_process_upload\u0027 function in versions up to, and including, 1.0.76. This makes it possible for authenticated attackers with administrator-level capabilities or above, to upload arbitrary files on the affected site\u0027s server which may make remote code execution possible."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:00:30.824Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/710b8e4e-01de-4e99-8cf2-31abc2419b29?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/tags/1.0.76/core/classes/class.bookingpress_fileupload_class.php#L140"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3001484/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_settings.php"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3001484/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_fileupload_class.php"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-11-17T00:00:00.000Z",
              "value": "Discovered"
            },
            {
              "lang": "en",
              "time": "2023-11-17T00:00:00.000Z",
              "value": "Vendor Notified"
            },
            {
              "lang": "en",
              "time": "2023-11-27T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "BookingPress \u003c= 1.0.76 - Authenticated (Administrator+) Arbitrary File Upload"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2023-6219",
        "datePublished": "2023-11-28T02:37:20.309Z",
        "dateReserved": "2023-11-20T17:34:49.653Z",
        "dateUpdated": "2026-04-08T17:00:30.824Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-11726 (GCVE-0-2024-11726)

    Vulnerability from cvelistv5 – Published: 2024-12-24 11:09 – Updated: 2026-04-08 16:59
    VLAI
    Title
    Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress <= 1.1.21 - Authenticated (Contributor+) SQL Injection
    Summary
    The Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress plugin for WordPress is vulnerable to SQL Injection via the 'category' parameter of the 'bookingpress_form' shortcode in all versions up to, and including, 1.1.21 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    Credits
    Khayal Farzaliyev
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-11726",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-24T14:38:52.433692Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-24T14:39:00.800Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress",
              "vendor": "reputeinfosystems",
              "versions": [
                {
                  "lessThanOrEqual": "1.1.21",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Khayal Farzaliyev"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress plugin for WordPress is vulnerable to SQL Injection via the \u0027category\u0027 parameter of the \u0027bookingpress_form\u0027 shortcode in all versions up to, and including, 1.1.21 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T16:59:19.978Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6d081b89-1b98-4f4f-8728-d1ea676d7afd?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3206780/bookingpress-appointment-booking/trunk/core/classes/frontend/class.bookingpress_appointment_bookings.php"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-12-23T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress \u003c= 1.1.21 - Authenticated (Contributor+) SQL Injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-11726",
        "datePublished": "2024-12-24T11:09:50.216Z",
        "dateReserved": "2024-11-25T20:45:40.959Z",
        "dateUpdated": "2026-04-08T16:59:19.978Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-10540 (GCVE-0-2024-10540)

    Vulnerability from cvelistv5 – Published: 2024-11-02 02:03 – Updated: 2026-04-08 16:41
    VLAI
    Title
    Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress <= 1.1.16 - Authenticated (Subscriber+) SQL Injection
    Summary
    The Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress plugin for WordPress is vulnerable to SQL Injection via the 'service' parameter of the bookingpress_form shortcode in all versions up to, and including, 1.1.16 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    Credits
    Arkadiusz Hydzik
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-10540",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-02T16:44:34.100967Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-02T16:44:50.978Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress",
              "vendor": "reputeinfosystems",
              "versions": [
                {
                  "lessThanOrEqual": "1.1.16",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Arkadiusz Hydzik"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress plugin for WordPress is vulnerable to SQL Injection via the \u0027service\u0027 parameter of the bookingpress_form shortcode in all versions up to, and including, 1.1.16 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T16:41:25.920Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/21690b9c-ffec-4195-8c0f-2b1801552bc6?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress.php#L358"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/trunk/core/classes/frontend/class.bookingpress_appointment_bookings.php#L3683"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/trunk/core/classes/frontend/class.bookingpress_appointment_bookings.php#L4620"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3179229/bookingpress-appointment-booking/trunk/core/classes/frontend/class.bookingpress_appointment_bookings.php"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-11-01T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress \u003c= 1.1.16 - Authenticated (Subscriber+) SQL Injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-10540",
        "datePublished": "2024-11-02T02:03:07.525Z",
        "dateReserved": "2024-10-30T12:04:21.636Z",
        "dateUpdated": "2026-04-08T16:41:25.920Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-7350 (GCVE-0-2024-7350)

    Vulnerability from cvelistv5 – Published: 2024-08-08 02:32 – Updated: 2024-08-08 13:23
    VLAI
    Title
    Appointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress 1.1.6 - 1.1.7 - Authentication Bypass to Account Takeover
    Summary
    The Appointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress plugin for WordPress is vulnerable to authentication bypass in versions 1.1.6 to 1.1.7. This is due to the plugin not properly verifying a user's identity prior to logging them in when completing a booking. This makes it possible for unauthenticated attackers to log in as registered users, including administrators, if they have access to that user's email. This is only exploitable when the 'Auto login user after successful booking' setting is enabled.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-288 - Authentication Bypass Using an Alternate Path or Channel
    Assigner
    Impacted products
    Vendor Product Version
    reputeinfosystems Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress Affected: 1.1.6 , ≤ 1.1.7 (semver)
    Create a notification for this product.
    reputeinfosystems appointment_booking_calendar_plugin_and_scheduling_plugin_bookingpress Affected: 1.1.6 , ≤ 1.1.7 (semver)
        cpe:2.3:a:reputeinfosystems:appointment_booking_calendar_plugin_and_scheduling_plugin_bookingpress:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Gibran Abdillah
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:reputeinfosystems:appointment_booking_calendar_plugin_and_scheduling_plugin_bookingpress:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "appointment_booking_calendar_plugin_and_scheduling_plugin_bookingpress",
                "vendor": "reputeinfosystems",
                "versions": [
                  {
                    "lessThanOrEqual": "1.1.7",
                    "status": "affected",
                    "version": "1.1.6",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7350",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-08T13:17:52.373438Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-08T13:23:12.522Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress",
              "vendor": "reputeinfosystems",
              "versions": [
                {
                  "lessThanOrEqual": "1.1.7",
                  "status": "affected",
                  "version": "1.1.6",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Gibran Abdillah"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Appointment Booking Calendar Plugin and Online Scheduling Plugin \u2013 BookingPress plugin for WordPress is vulnerable to authentication bypass in versions 1.1.6 to 1.1.7. This is due to the plugin not properly verifying a user\u0027s identity prior to logging them in when completing a booking. This makes it possible for unauthenticated attackers to log in as registered users, including administrators, if they have access to that user\u0027s email.  This is only exploitable when the \u0027Auto login user after successful booking\u0027 setting is enabled."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-288",
                  "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-08T02:32:06.827Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4c367565-75f7-4dd7-a2f1-111df581bd7a?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_customers.php#L339"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3130266/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_customers.php"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-08-07T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Appointment Booking Calendar Plugin and Online Scheduling Plugin \u2013 BookingPress 1.1.6  - 1.1.7 - Authentication Bypass to Account Takeover"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-7350",
        "datePublished": "2024-08-08T02:32:06.827Z",
        "dateReserved": "2024-07-31T20:31:57.740Z",
        "dateUpdated": "2024-08-08T13:23:12.522Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-6467 (GCVE-0-2024-6467)

    Vulnerability from cvelistv5 – Published: 2024-07-17 06:45 – Updated: 2026-04-08 17:24
    VLAI
    Title
    BookingPress Appointment Booking <= 1.1.5 - Authenticated (Subscriber+) Arbitrary File Read to Arbitrary File Creation
    Summary
    The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress is vulnerable to Arbitrary File Read to Arbitrary File Creation in all versions up to, and including, 1.1.5 via the 'bookingpress_save_lite_wizard_settings_func' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create arbitrary files that contain the content of files (either on the local server or from a remote location), allowing the execution of any PHP code in those files or the exposure of sensitive information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-73 - External Control of File Name or Path
    Assigner
    Impacted products
    Vendor Product Version
    reputeinfosystems Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress Affected: 0 , ≤ 1.1.5 (semver)
    Create a notification for this product.
    reputeinfosystems bookingpress Affected: 0 , ≤ 1.1.5 (semver)
        cpe:2.3:a:reputeinfosystems:bookingpress:*:*:*:*:*:wordpress:*:*
    Create a notification for this product.
    Credits
    Arkadiusz Hydzik
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:reputeinfosystems:bookingpress:*:*:*:*:*:wordpress:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "bookingpress",
                "vendor": "reputeinfosystems",
                "versions": [
                  {
                    "lessThanOrEqual": "1.1.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6467",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-23T14:40:47.626122Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-23T14:44:53.298Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:41:03.419Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d0177510-cd7d-4cc5-96c3-78433aa0e3f6?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/changeset/3116857/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress",
              "vendor": "reputeinfosystems",
              "versions": [
                {
                  "lessThanOrEqual": "1.1.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Arkadiusz Hydzik"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The BookingPress \u2013 Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress is vulnerable to Arbitrary File Read to Arbitrary File Creation in all versions up to, and including, 1.1.5 via the \u0027bookingpress_save_lite_wizard_settings_func\u0027 function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create arbitrary files that contain the content of files (either on the local server or from a remote location), allowing the execution of any PHP code in those files or the exposure of sensitive information."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-73",
                  "description": "CWE-73 External Control of File Name or Path",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:24:48.331Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d0177510-cd7d-4cc5-96c3-78433aa0e3f6?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3116857/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress.php"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-07-03T00:00:00.000Z",
              "value": "Vendor Notified"
            },
            {
              "lang": "en",
              "time": "2024-07-16T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "BookingPress Appointment Booking \u003c= 1.1.5 - Authenticated (Subscriber+) Arbitrary File Read to Arbitrary File Creation"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-6467",
        "datePublished": "2024-07-17T06:45:11.571Z",
        "dateReserved": "2024-07-03T00:36:15.239Z",
        "dateUpdated": "2026-04-08T17:24:48.331Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-6660 (GCVE-0-2024-6660)

    Vulnerability from cvelistv5 – Published: 2024-07-17 06:45 – Updated: 2026-04-08 17:04
    VLAI
    Title
    BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin <= 1.1.5 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update and Arbitrary File Upload
    Summary
    The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the bookingpress_import_data_continue_process_func function in all versions up to, and including, 1.1.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site and upload arbitrary files. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-280 - Improper Handling of Insufficient Permissions or Privileges
    Assigner
    Impacted products
    Vendor Product Version
    reputeinfosystems Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress Affected: 0 , ≤ 1.1.5 (semver)
    Create a notification for this product.
    reputeinfosystems bookingpress Affected: 0 , ≤ 1.1.5 (semver)
        cpe:2.3:a:reputeinfosystems:bookingpress:*:*:*:*:*:wordpress:*:*
    Create a notification for this product.
    Credits
    Khayal Farzaliyev
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:reputeinfosystems:bookingpress:*:*:*:*:*:wordpress:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "bookingpress",
                "vendor": "reputeinfosystems",
                "versions": [
                  {
                    "lessThanOrEqual": "1.1.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6660",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-17T18:50:10.975366Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-17T18:56:33.236Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:41:04.263Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/851ff861-474e-4063-88ff-d8d35b10e9a0?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_import_export.php#L476"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_import_export.php#L410"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_import_export.php#L1491"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/changeset/3116857/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_import_export.php?contextall=1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress",
              "vendor": "reputeinfosystems",
              "versions": [
                {
                  "lessThanOrEqual": "1.1.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Khayal Farzaliyev"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The BookingPress \u2013 Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the bookingpress_import_data_continue_process_func function in all versions up to, and including, 1.1.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site and upload arbitrary files. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-280",
                  "description": "CWE-280 Improper Handling of Insufficient Permissions or Privileges",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:04:32.181Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/851ff861-474e-4063-88ff-d8d35b10e9a0?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_import_export.php#L476"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_import_export.php#L410"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_import_export.php#L1491"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3116857/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_import_export.php?contextall=1"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-07-16T18:09:31.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "BookingPress \u2013 Appointment Booking Calendar Plugin and Online Scheduling Plugin \u003c= 1.1.5 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update and Arbitrary File Upload"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-6660",
        "datePublished": "2024-07-17T06:45:09.895Z",
        "dateReserved": "2024-07-10T17:00:38.818Z",
        "dateUpdated": "2026-04-08T17:04:32.181Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-3022 (GCVE-0-2024-3022)

    Vulnerability from cvelistv5 – Published: 2024-04-04 01:56 – Updated: 2026-04-08 16:33
    VLAI
    Title
    BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin <= 1.0.87 - Authenticated (Admin+) Arbitrary File Upload
    Summary
    The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient filename validation in the 'bookingpress_process_upload' function in all versions up to, and including 1.0.87. This allows an authenticated attacker with administrator-level capabilities or higher to upload arbitrary files on the affected site's server, enabling remote code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-434 - Unrestricted Upload of File with Dangerous Type
    Assigner
    Impacted products
    Vendor Product Version
    reputeinfosystems Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress Affected: 0 , ≤ 1.0.87 (semver)
    Create a notification for this product.
    reputeinfosystems bookingpress Affected: 0 , < 1.0.87 (custom)
        cpe:2.3:a:reputeinfosystems:bookingpress:*:*:*:*:*:wordpress:*:*
    Create a notification for this product.
    Credits
    Dian Sun
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:reputeinfosystems:bookingpress:*:*:*:*:*:wordpress:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "bookingpress",
                "vendor": "reputeinfosystems",
                "versions": [
                  {
                    "lessThan": "1.0.87",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-3022",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-04T15:22:22.052698Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-20T15:17:18.951Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T19:32:42.511Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/049ec264-3ed1-4741-937d-8a633ef0a627?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://r0ot.notion.site/BookingPress-1-0-84-Authenticated-Administrator-Arbitrary-File-Upload-lead-to-RCE-e2603371c0c14d828144e26f2fdc1d01?pvs=4"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/changeset/3061435/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_fileupload_class.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress",
              "vendor": "reputeinfosystems",
              "versions": [
                {
                  "lessThanOrEqual": "1.0.87",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Dian Sun"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient filename validation in the \u0027bookingpress_process_upload\u0027 function in all versions up to, and including 1.0.87. This allows an authenticated attacker with administrator-level capabilities or higher to upload arbitrary files on the affected site\u0027s server, enabling remote code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T16:33:13.451Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/049ec264-3ed1-4741-937d-8a633ef0a627?source=cve"
            },
            {
              "url": "https://r0ot.notion.site/BookingPress-1-0-84-Authenticated-Administrator-Arbitrary-File-Upload-lead-to-RCE-e2603371c0c14d828144e26f2fdc1d01?pvs=4"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3061435/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_fileupload_class.php"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-04-03T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "BookingPress \u2013 Appointment Booking Calendar Plugin and Online Scheduling Plugin \u003c= 1.0.87 - Authenticated (Admin+) Arbitrary File Upload"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-3022",
        "datePublished": "2024-04-04T01:56:44.555Z",
        "dateReserved": "2024-03-27T18:18:50.249Z",
        "dateUpdated": "2026-04-08T16:33:13.451Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-6219 (GCVE-0-2023-6219)

    Vulnerability from cvelistv5 – Published: 2023-11-28 02:37 – Updated: 2026-04-08 17:00
    VLAI
    Title
    BookingPress <= 1.0.76 - Authenticated (Administrator+) Arbitrary File Upload
    Summary
    The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'bookingpress_process_upload' function in versions up to, and including, 1.0.76. This makes it possible for authenticated attackers with administrator-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-434 - Unrestricted Upload of File with Dangerous Type
    Assigner
    Impacted products
    Vendor Product Version
    reputeinfosystems Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress Affected: 0 , ≤ 1.0.76 (semver)
    Create a notification for this product.
    reputeinfosystems bookingpress Affected: 0 , ≤ 1.0.76 (semver)
        cpe:2.3:a:reputeinfosystems:bookingpress:*:*:*:*:*:wordpress:*:*
    Create a notification for this product.
    Credits
    István Márton
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:reputeinfosystems:bookingpress:*:*:*:*:*:wordpress:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "bookingpress",
                "vendor": "reputeinfosystems",
                "versions": [
                  {
                    "lessThanOrEqual": "1.0.76",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-6219",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-11T15:31:44.533081Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-17T18:58:18.037Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:21:18.053Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/710b8e4e-01de-4e99-8cf2-31abc2419b29?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/tags/1.0.76/core/classes/class.bookingpress_fileupload_class.php#L140"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/changeset/3001484/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_settings.php"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/changeset/3001484/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_fileupload_class.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Appointment Booking Calendar Plugin and Scheduling Plugin \u2013 BookingPress",
              "vendor": "reputeinfosystems",
              "versions": [
                {
                  "lessThanOrEqual": "1.0.76",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Istv\u00e1n M\u00e1rton"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the \u0027bookingpress_process_upload\u0027 function in versions up to, and including, 1.0.76. This makes it possible for authenticated attackers with administrator-level capabilities or above, to upload arbitrary files on the affected site\u0027s server which may make remote code execution possible."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:00:30.824Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/710b8e4e-01de-4e99-8cf2-31abc2419b29?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/bookingpress-appointment-booking/tags/1.0.76/core/classes/class.bookingpress_fileupload_class.php#L140"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3001484/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_settings.php"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3001484/bookingpress-appointment-booking/trunk/core/classes/class.bookingpress_fileupload_class.php"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-11-17T00:00:00.000Z",
              "value": "Discovered"
            },
            {
              "lang": "en",
              "time": "2023-11-17T00:00:00.000Z",
              "value": "Vendor Notified"
            },
            {
              "lang": "en",
              "time": "2023-11-27T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "BookingPress \u003c= 1.0.76 - Authenticated (Administrator+) Arbitrary File Upload"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2023-6219",
        "datePublished": "2023-11-28T02:37:20.309Z",
        "dateReserved": "2023-11-20T17:34:49.653Z",
        "dateUpdated": "2026-04-08T17:00:30.824Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }