Medium severity5.4NVD Advisory· Published Apr 4, 2022· Updated Jun 17, 2026
CVE-2022-0825
CVE-2022-0825
Description
The Amelia WordPress plugin before 1.0.49 does not have proper authorisation when managing appointments, allowing any customer to update other's booking status, as well as retrieve sensitive information about the bookings, such as the full name and phone number of the person who booked it.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- plugins.trac.wordpress.org/changeset/2693545nvdPatchThird Party Advisory
- wpscan.com/vulnerability/1a92a65f-e9df-41b5-9a1c-8e24ee9bf50envdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.