Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Amelia < 1.0.47 - Customer+ Arbitrary Appointments Update and Sensitive Data Disclosure
Vulnerability Description
The Amelia WordPress plugin before 1.0.47 does not have proper authorisation when managing appointments, allowing any customer to update other's booking, as well as retrieve sensitive information about the bookings, such as the full name and phone number of the person who booked it.
CVSS Information
N/A
Vulnerability Type
授权机制不正确
Vulnerability Title
WordPress plugin Amelia 安全漏洞
Vulnerability Description
WordPress是Wordpress基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是WordPress开源的一个应用插件。 WordPress plugin Amelia 1.0.47 之前版本存在安全漏洞,该漏洞源于在管理约会时没有适当的授权,允许任何客户更新他人的预订,以及检索有关预订的敏感信息,例如预订人的全名和电话号码。
CVSS Information
N/A
Vulnerability Type
N/A