CVE-2024-10856

CVSS V2 None CVSS V3 None

Description

The Booking Calendar WpDevArt plugin is vulnerable to time-based, blind SQL injection via the `id` parameter in the “wpdevart_booking_calendar” shortcode in versions up to, and including, 3.2.19 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. The vulnerability requires the “delete_prev_date” theme option being enabled. This makes it possible for authenticated attackers, with contributor-level access or above, to append additional SQL queries into already existing query that can be used to extract sensitive information such as passwords from the database.

Overview

CVE ID
CVE-2024-10856

Assigner
Wordfence

Vulnerability Status
PUBLISHED

Published Version
2024-12-24T11:09:50.601Z

Last Modified Date
2024-12-24T14:38:01.619Z

Weakness Enumerations

CWE	URL
CWE-89	http://cwe.mitre.org/data/definitions/89.html

References

Reference URL	Reference Tags
https://www.wordfence.com/threat-intel/vulnerabilities/id/bf297cd8-3d67-4750-b856-38ded4daf4ad?source=cve
https://plugins.trac.wordpress.org/browser/booking-calendar/tags/3.2.15/includes/main_class.php#L90
https://plugins.trac.wordpress.org/browser/booking-calendar/tags/3.2.15/includes/main_class.php#L91
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3209851%40booking-calendar&new=3209851%40booking-calendar&sfp_email=&sfph_mail=

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-10856
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10856

History

Created	Old Value	New Value	Data Type	Notes
2024-12-25 13:06:27				Added to TrackCVE