Medium severity5.4NVD Advisory· Published Mar 28, 2022· Updated Jun 17, 2026
CVE-2022-0720
CVE-2022-0720
Description
The Amelia WordPress plugin before 1.0.47 does not have proper authorisation when managing appointments, allowing any customer to update other's booking, as well as retrieve sensitive information about the bookings, such as the full name and phone number of the person who booked it.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Ameliadescription
- Range: <1.0.47
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/435ef99c-9210-46c7-80a4-09cd4d3d00cfnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.