WordPress Plugin Vulnerabilities

Booking Package < 1.5.29 - Unauthenticated Sensitive Data Disclosure

Description

The plugin requires a token for exporting the ical representation of it's booking calendar, but this token is returned in the json response to unauthenticated users performing a booking, leading to a sensitive data disclosure vulnerability.

Proof of Concept

Affects Plugins

Plugin icon
booking-package
Fixed in 1.5.29

References

CVE
CVE-2022-0709

Classification

Type
SENSITIVE DATA DISCLOSURE
OWASP top 10
A3: Sensitive Data Exposure
CWE
CWE-200
CVSS
7.5 (high)

Miscellaneous

Original Researcher
huli of Cymetrics
Submitter
huli of Cymetrics
Submitter website
https://cymetrics.io/
Verified
Yes
WPVDB ID
3cd1d8d2-d2a4-45a9-9b5f-c2a56f08be85

Timeline

Publicly Published
2022-03-09 (about 3 years ago)
Added
2022-03-09 (about 3 years ago)
Last Updated
2022-04-17 (about 3 years ago)

Other

Published
Title
Published
2024-08-28
Title
GiveWP < 3.16.0 - Unauthenticated Full Path Disclosure
Published
2023-03-02
Title
WP SMS < 6.0.4.1 - Information Disclosure via REST API
Published
2025-04-04
Title
KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base Plugin <= 1.7.4 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory
Published
2023-02-13
Title
Profile Builder < 3.9.1 - Subscriber+ Arbitrary User Meta Disclosure
Published
2025-04-15
Title
WP Staging Pro < 6.1.3 - Unauthenticated Information Exposure via getOutdatedPluginsRequest Function