VYPR
Unrated severityNVD Advisory· Published Jan 13, 2025· Updated Aug 27, 2025

BookingPress < 1.1.23 - Unauthenticated Export File Download

CVE-2024-12274

Description

The Appointment Booking Calendar Plugin and Scheduling Plugin WordPress plugin before 1.1.23 export settings functionality exports data to a public folder, with an easily guessable file name, allowing unauthenticated attackers to access the exported files (if they exist).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.