Security Advisory

CVE-2022-3982

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-12-12 17:54:47

Last updated 2025-04-22 14:52:56

Assigner WPScan

State PUBLISHED

Description

The Booking calendar, Appointment Booking System WordPress plugin before 3.2.2 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE

← Browse all CVEs View on cve.org ↗