The Booking calendar, Appointment Booking System WordPress plugin before 3.2.2 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/4d91f3e1-4de9-46c1-b5ba-cc55b7726867 | Exploit Third Party Advisory |
Configurations
History
07 Nov 2023, 03:52
Type | Values Removed | Values Added |
---|---|---|
CWE |
Information
Published : 2022-12-12 18:15
Updated : 2024-02-28 19:51
NVD link : CVE-2022-3982
Mitre link : CVE-2022-3982
CVE.ORG link : CVE-2022-3982
JSON object : View
Products Affected
wpdevart
- booking_calendar
CWE
No CWE.