CVE-2024-24715 – WordPress WordPress BookIt Plugin plugin <= 2.4.0 - Price Bypass Vulnerability vulnerability
https://notcve.org/view.php?id=CVE-2024-24715
Improper Validation of Specified Quantity in Input vulnerability in The Events Calendar BookIt allows Manipulating Hidden Fields.This issue affects BookIt: from n/a through 2.4.0. Vulnerabilidad de validación incorrecta de la cantidad especificada en la entrada en The Events Calendar BookIt. Permite manipular campos ocultos. Este problema afecta a BookIt: desde n/a hasta 2.4.0. The Booking Calendar | Appointment Booking | BookIt plugin for WordPress is vulnerable to Price Bypass in versions up to and including 2.4.0. • https://patchstack.com/database/vulnerability/bookit/wordpress-wordpress-bookit-plugin-plugin-2-4-0-price-bypass-vulnerability-vulnerability?_s_id=cve • CWE-285: Improper Authorization CWE-1284: Improper Validation of Specified Quantity in Input •