cleantalk
Vulnerabilities and Security Researches

Booking for Appointments and Events Calendar – Amelia, CVE-2022-0616

CVE, Research URL

CVE-2022-0616

Home page URL

Security reports for Booking for Appointments and Events Calendar – Amelia

Application

Booking for Appointments and Events Calendar – Amelia

Published on
Mar 22, 2022
Research Description
The Amelia WordPress plugin before 1.0.47 does not have CSRF check in place when deleting customers, which could allow attackers to make a logged in admin delete arbitrary customers via a CSRF attack
Affected versions
Min -, max 1.0.47.
Status
vulnerable
Previous vulnerability researches
Booking for Appointments and Events Calendar – Amelia (CVE-2024-22298) , Jun 10, 2024
Booking for Appointments and Events Calendar – Amelia (CVE-2024-6225) , Jun 22, 2024
Booking for Appointments and Events Calendar – Amelia (CVE-2022-0616) , Jun 07, 2024
Booking for Appointments and Events Calendar – Amelia (CVE-2022-0687) , Jun 07, 2024
Booking for Appointments and Events Calendar – Amelia (CVE-2022-0720) , Jun 07, 2024
New vulnerability
Big Boom Directory (CVE-2024-13673) , Apr 04, 2025
LuckyWP Table of Contents (CVE-2025-2299) , Apr 04, 2025
Customizable WordPress Gallery Plugin – Modula Image Gallery (CVE-2024-9416) , Apr 04, 2025
Contact Form vCard Generator (CVE-2025-31582) , Apr 04, 2025
Unlimited Elements For Elementor (Free Widgets, Addons, Templates) (CVE-2025-1663) , Apr 04, 2025