The WPBookit plugin for WordPress has a security issue that allows anyone to upload any type of file, even potentially harmful ones, through the ‘add_new_customer’ route. This means that someone who doesn’t have permission to access the site can upload files that could potentially harm the site. This issue exists in all versions of the plugin up to version 1.0.6.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
