WordPress.Plugin.Booking.Calendar.Authenticated.SQL.Injection
Description
This indicates an attack attempt to exploit a SQL Injection vulnerability in Booking Calendar plugin.
The vulnerability is a result of the application's failure to properly sanitize user input before using it in a SQL query. As a result, a remote attacker can send a crafted query to execute SQL commands on a vulnerable server.
Affected Products
Booking Calendar plugin prior to 8.4.3
Impact
System Compromise: Remote attackers can access or modify data in the database of the affected application.
Recommended Actions
Apply the most recent upgrade or patch from the vendor:
https://wordpress.org/plugins/booking/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |