BookingPress < 1.0.11 - Unauthenticated SQL Injection
CVE-2022-0739

9.8CRITICAL

Key Information:

Vendor: Wordpress
Status: Bookingpress – Appointments Booking Calendar Plugin And Online Scheduling Plugin
Vendor: CVE Published:; 21 March 2022

Badges

👾 Exploit Exists🟡 Public PoC

Summary

The BookingPress WordPress plugin before 1.0.11 fails to properly sanitize user supplied POST data before it is used in a dynamically constructed SQL query via the bookingpress_front_get_category_services AJAX action (available to unauthenticated users), leading to an unauthenticated SQL Injection

Affected Version(s)

BookingPress – Appointments Booking Calendar Plugin and Online Scheduling Plugin 1.0.11

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2022-0739
Created by BKreisel

CVE-2022-0739
Created by destr4ct

CVE-2022-0739
Created by Chris01s

References

https://wpscan.com/vulnerability/388cd42d-b61a-42a4-8604-...

x_refsource_MISC

https://plugins.trac.wordpress.org/changeset/2684789

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

🟡
Public PoC available
Mar 19, 2023
👾
Exploit known to exist
Mar 19, 2023
Vulnerability published
Mar 21, 2022
Vulnerability Reserved
Feb 23, 2022

Credit

cydave