2025-12-12 10:17:08
WPScan
PUBLISHED
The Bookit WordPress plugin before 2.5.1 has a publicly accessible REST endpoint that allows unauthenticated update of the plugins Stripe payment options.