BookingPress

1.1.7 Authentication Bypass to Account Takeover vulnerability 1.1.6 - 1.1.7

Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update and Arbitrary File Upload vulnerability <= 1.1.5

Authenticated (Subscriber+) Arbitrary File Read to Arbitrary File Creation vulnerability <= 1.1.5

Appointment Duration Manipulation vulnerability <= 1.0.82

Insecure Direct Object References (IDOR) vulnerability <= 1.0.81