CVE-2025-32254

Medium CVSS: 5.3

Missing Authorization vulnerability in Iqonic Design WPBookit wpbookit allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPBookit: from n/a through <= 1.0.7.

Vendor

Iqonic

Product

Wpbookit

CWE

CWE-862

Yayın Tarihi

2025-04-04 16:15:34

Güncelleme

2026-04-01 17:22:15

Source Identifier

audit@patchstack.com

KEV Date Added

Kategoriler

CWE-862 Wpbookit MEDIUM Iqonic 2025

Referanslar

https://patchstack.com/database/Wordpress/Plugin/wpbookit/vulnerability/wordpress-wpbookit-plugin-1-0-1-broken-access-control-vulnerability?_s_id=cve

Benzer Kayıtlar

Critical

CVE-2025-6058

The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ima…

High

CVE-2025-6057

The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the han…

Critical

CVE-2025-3810

The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and…

Critical

CVE-2025-3811

The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and…

Medium

CVE-2025-26910

Cross-Site Request Forgery (CSRF) vulnerability in Iqonic Design WPBookit wpbookit allows Stored XSS.This issue affects…

Medium

CVE-2025-1572

The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL Injection via the ‘u_i…