The Booking calendar, Appointment Booking System WordPress plugin before 3.2.2 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/4d91f3e1-4de9-46c1-b5ba-cc55b7726867 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2022-12-12T17:54:47.850Z
Updated:
Reserved: 2022-11-14T09:57:40.519Z
Link: CVE-2022-3982
JSON object: View
NVD Information
Status : Modified
Published: 2022-12-12T18:15:12.487
Modified: 2023-11-07T03:52:03.933
Link: CVE-2022-3982
JSON object: View
Redhat Information
No data.
CWE
No CWE.