Security Advisory

CVE-2025-12841

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-12 10:17:08

Last updated 2025-12-12 17:50:21

Assigner WPScan

State PUBLISHED

Description

The Bookit WordPress plugin before 2.5.1 has a publicly accessible REST endpoint that allows unauthenticated update of the plugins Stripe payment options.

← Browse all CVEs View on cve.org ↗