Booking Ultra Pro Appointments Booking Calendar Plugin, CVE-2024-38717

CVE, Research URL: CVE-2024-38717
Home page URL: Security reports for Booking Ultra Pro Appointments Booking Calendar Plugin
Application: Booking Ultra Pro Appointments Booking Calendar Plugin
Published on: Jul 12, 2024
Research Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Booking Ultra Pro allows PHP Local File Inclusion.This issue affects Booking Ultra Pro: from n/a through 1.1.13.
Affected versions: max 1.1.13.
Status: vulnerable