CVE-2024-12274

HighPublic PoC

Published: 13 January 2025

Published

13 January 2025

Modified

08 May 2025

KEV Added

—

Patch

—

CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score 0.0051 66.4th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Description

The Appointment Booking Calendar Plugin and Scheduling Plugin WordPress plugin before 1.1.23 export settings functionality exports data to a public folder, with an easily guessable file name, allowing unauthenticated attackers to access the exported files (if they exist).

Security Summary

CVE-2024-12274 is a vulnerability in the Appointment Booking Calendar Plugin and Scheduling Plugin for WordPress, affecting versions prior to 1.1.23. The issue resides in the export settings functionality, which stores exported data in a public folder using an easily guessable filename. This design flaw enables unauthorized access to any existing exported files.

Unauthenticated attackers can exploit this vulnerability remotely over the network with low attack complexity, requiring no privileges, user interaction, or special conditions. Exploitation allows retrieval of the exported files' contents, leading to high-impact confidentiality violations, such as exposure of sensitive plugin settings or other data. The CVSS v3.1 base score is 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

The WPScan advisory at https://wpscan.com/vulnerability/e3176c9a-63f3-4a28-a8a7-8abb2b4100ef/ details the issue, with mitigation achieved by updating to version 1.1.23 or later, which resolves the insecure export behavior.

Details

CWE(s): NVD-CWE-noinfo

Affected Products

codepeople

appointment booking calendar

≤ 1.1.23

References

https://wpscan.com/vulnerability/e3176c9a-63f3-4a28-a8a7-8abb2b4100ef/
Exploit, Third Party Advisory · contact@wpscan.com