CyberRota
← Ana sayfaya dön

CVE-2026-12393

UNKNOWN · CVSS N/A

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-07-17T07:16:38.023 · Çekilme zamanı: 2026-07-17T12:06:43.352936+00:00

CyberRota Yorumu

Saldırganın giriş yapmış olması gerekebilir.

CVE
CVE-2026-12393
Severity
UNKNOWN
CVSS
N/A
EPSS
Yok
WordPress

Orijinal NVD Açıklaması

The WPS Bookings for WooCommerce WordPress plugin before 3.11.7 does not verify that a booking order belongs to the requesting user before cancelling it, allowing any authenticated user, such as a Subscriber or Customer, to cancel and void other customers' booking orders.