WordPress Plugin Vulnerabilities

BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin < 1.1.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update and Arbitrary File Upload

Description

The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the bookingpress_import_data_continue_process_func function in all versions up to, and including, 1.1.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site and upload arbitrary files. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.

Affects Plugins

Plugin icon
bookingpress-appointment-booking
Fixed in 1.1.6

References

CVE
CVE-2024-6660
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/851ff861-474e-4063-88ff-d8d35b10e9a0

Classification

Type
INCORRECT AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-863
CVSS
8.8 (high)

Miscellaneous

Original Researcher
shaman0x01
Verified
No
WPVDB ID
9c1eb075-b164-4026-bf2c-3398a8c31782

Timeline

Publicly Published
2024-07-16 (about 1 year ago)
Added
2024-07-16 (about 1 year ago)
Last Updated
2024-07-16 (about 1 year ago)

Other

Published
Title
Published
2025-08-14
Title
Kadence WooCommerce Email Designer < 1.5.17 - Shop Manager+ Arbitrary Options Update
Published
2024-06-20
Title
WishList Member X < 3.26.7 - Subscriber+ Privilege Escalation
Published
2021-12-28
Title
Shortcode Addons < 3.2.0 - Authenticated Arbitrary Options Update
Published
2025-04-09
Title
SureForms < 1.4.4 - Contributor+ Settings Update
Published
2026-01-06
Title
Rankology SEO and Analytics Tool <= 2.0 - Editor+ Header & Footer Code Creation