Vulnerabilities > CVE-2022-36399 - Unspecified vulnerability in Boxystudio Booked

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

boxystudio

NVD

Published: 2023-12-28

Updated: 2024-01-04

Summary

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BoxyStudio Booked - Appointment Booking for WordPress | Calendars.This issue affects Booked - Appointment Booking for WordPress | Calendars: from n/a before 2.4.4.

Vulnerable Configurations

Part	Description	Count
Application	Boxystudio Boxystudio Booked *	1

References

https://patchstack.com/database/vulnerability/booked/wordpress-booked-plugin-2-4-unauth-appointment-data-exposure-vulnerability?_s_id=cve