Vulnerabilities > Iqonicdesign

DATE	CVE	VULNERABILITY TITLE	RISK
2025-05-09	CVE-2025-3810	Authorization Bypass Through User-Controlled Key vulnerability in Iqonicdesign Wpbookit The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.2. network low complexity iqonicdesign CWE-639 critical	9.8
2025-05-09	CVE-2025-3811	Authorization Bypass Through User-Controlled Key vulnerability in Iqonicdesign Wpbookit The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.2. network low complexity iqonicdesign CWE-639 critical	9.8
2025-03-10	CVE-2025-26910	Cross-Site Request Forgery (CSRF) vulnerability in Iqonicdesign Wpbookit Cross-Site Request Forgery (CSRF) vulnerability in Iqonic Design WPBookit allows Stored XSS. network low complexity iqonicdesign CWE-352	6.1
2025-01-25	CVE-2025-0357	Unrestricted Upload of File with Dangerous Type vulnerability in Iqonicdesign Wpbookit The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'WPB_Profile_controller::handle_image_upload' function in versions up to, and including, 1.6.9. network low complexity iqonicdesign CWE-434 critical	9.8
2025-01-09	CVE-2024-10215	Authorization Bypass Through User-Controlled Key vulnerability in Iqonicdesign Wpbookit The WPBookit plugin for WordPress is vulnerable to Arbitrary User Password Change in versions up to, and including, 1.6.4. network low complexity iqonicdesign CWE-639 critical	9.8

Vulnerabilities > Iqonicdesign {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Iqonicdesign"}]}

Vulnerabilities > Iqonicdesign