Security Advisory

CVE-2022-0720

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-03-28 17:23:18

Last updated 2024-08-02 23:40:03

Assigner WPScan

State PUBLISHED

Description

The Amelia WordPress plugin before 1.0.47 does not have proper authorisation when managing appointments, allowing any customer to update others booking, as well as retrieve sensitive information about the bookings, such as the full name and phone number of the person who booked it.

← Browse all CVEs View on cve.org ↗