Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Amelia < 1.0.49 - Customer+ Arbitrary Appointments Status Update
Vulnerability Description
The Amelia WordPress plugin before 1.0.49 does not have proper authorisation when managing appointments, allowing any customer to update other's booking status, as well as retrieve sensitive information about the bookings, such as the full name and phone number of the person who booked it.
CVSS Information
N/A
Vulnerability Type
授权机制不正确
Vulnerability Title
WordPress plugin Amelia 安全漏洞
Vulnerability Description
WordPress是Wordpress基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是WordPress开源的一个应用插件。 WordPress plugin Amelia存在安全漏洞,该漏洞允许任何客户更新其他人的预约状态,以及检索有关预约的敏感信息,如预约者的全名和电话号码。
CVSS Information
N/A
Vulnerability Type
N/A