{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-4340", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "state": "PUBLISHED", "assignerShortName": "WPScan", "dateReserved": "2022-12-07T18:55:53.164Z", "datePublished": "2023-01-02T21:49:16.234Z", "dateUpdated": "2024-08-03T01:34:50.175Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2023-01-10T09:08:27.832Z"}, "title": "BookingPress < 1.0.31 - Unauthenticated IDOR in appointment_id", "problemTypes": [{"descriptions": [{"description": "CWE-639 Authorization Bypass Through User-Controlled Key", "lang": "en", "type": "CWE"}]}], "affected": [{"vendor": "Unknown", "product": "BookingPress", "versions": [{"status": "affected", "versionType": "custom", "version": "0", "lessThan": "1.0.31"}], "defaultStatus": "unaffected", "collectionURL": "https://wordpress.org/plugins"}], "descriptions": [{"lang": "en", "value": "The BookingPress WordPress plugin before 1.0.31 suffers from an Insecure Direct Object Reference (IDOR) vulnerability in it's thank you page, allowing any visitor to display information about any booking, including full name, date, time and service booked, by manipulating the appointment_id query parameter."}], "references": [{"url": "https://wpscan.com/vulnerability/8a7bd9f6-2789-474b-a237-01c643fdfba7", "tags": ["exploit", "vdb-entry", "technical-description"]}], "credits": [{"lang": "en", "value": "Hussien Misbah", "type": "finder"}, {"lang": "en", "value": "WPScan", "type": "coordinator"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "WPScan CVE Generator"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T01:34:50.175Z"}, "title": "CVE Program Container", "references": [{"url": "https://wpscan.com/vulnerability/8a7bd9f6-2789-474b-a237-01c643fdfba7", "tags": ["exploit", "vdb-entry", "technical-description", "x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:reputeinfosystems:bookingpress:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "0CE958CD-4171-43CE-955B-CA0931C93B44", "versionEndExcluding": "1.0.31", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The BookingPress WordPress plugin before 1.0.31 suffers from an Insecure Direct Object Reference (IDOR) vulnerability in it's thank you page, allowing any visitor to display information about any booking, including full name, date, time and service booked, by manipulating the appointment_id query parameter."}, {"lang": "es", "value": "El complemento BookingPress de WordPress anterior a la versi\u00f3n 1.0.31 sufre una vulnerabilidad de Insecure Direct Object Reference (IDOR) en su p\u00e1gina de agradecimiento, lo que permite a cualquier visitante mostrar informaci\u00f3n sobre cualquier reserva, incluido el nombre completo, la fecha, la hora y el servicio reservado, manipulando el id de cita. par\u00e1metro de consulta."}], "id": "CVE-2022-4340", "lastModified": "2024-11-21T07:35:05.203", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-01-02T22:15:17.127", "references": [{"source": "contact@wpscan.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/8a7bd9f6-2789-474b-a237-01c643fdfba7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/8a7bd9f6-2789-474b-a237-01c643fdfba7"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Modified"}

{}