WordPress eaSYNC Booking Vulnerability List
Found 2 vulnerabilities related to WordPress eaSYNC Booking
- CVE-2022-1952: WordPress eaSYNC Booking <1.1.16 - Arbitrary File Upload POC
  WordPress eaSync Booking plugin bundle for hotel, restaurant and car rental before 1.1.16 is susceptible to arbitrary file upload. The plugin contains insufficient input validation of an AJAX action. An allowlist of valid file extensions is defined but is not used during the validation steps. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.
- CVE-2022-1952: WordPress eaSYNC Booking <1.1.16 - Arbitrary File Upload POC
  WordPress eaSync Booking plugin bundle for hotel, restaurant and car rental before 1.1.16 is susceptible to arbitrary file upload. The plugin contains insufficient input validation of an AJAX action. An allowlist of valid file extensions is defined but is not used during the validation steps. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.