All the vulnerabilites related to latepoint - LatePoint – Calendar Booking Plugin for Appointments and Events
cve-2025-3769
Vulnerability from cvelistv5
Published
2025-05-14 11:12
Modified
2025-05-14 13:28
Severity ?
EPSS score ?
Summary
Latepoint <= 5.1.92 - Unauthenticated Insecure Direct Object Reference
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3769",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-14T13:27:58.887787Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-14T13:28:22.074Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "LatePoint \u2013 Calendar Booking Plugin for Appointments and Events",
"vendor": "latepoint",
"versions": [
{
"lessThanOrEqual": "5.1.92",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Martin Martin"
}
],
"descriptions": [
{
"lang": "en",
"value": "The LatePoint \u2013 Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.92 via the \u0027view_booking_summary_in_lightbox\u0027 due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to retrieve appointment details such as customer names and email addresses."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-14T11:12:25.594Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7e9acd26-c341-4ece-bcf1-102f953a4b4f?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/latepoint/trunk/lib/controllers/customer_cabinet_controller.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3291162/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-13T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "Latepoint \u003c= 5.1.92 - Unauthenticated Insecure Direct Object Reference"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-3769",
"datePublished": "2025-05-14T11:12:25.594Z",
"dateReserved": "2025-04-17T15:37:44.705Z",
"dateUpdated": "2025-05-14T13:28:22.074Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-6815
Vulnerability from cvelistv5
Published
2025-09-30 04:27
Modified
2025-09-30 15:39
Severity ?
EPSS score ?
Summary
LatePoint <= 5.1.94 - Authenticated (Administrator+) Stored Cross-Site Scripting
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6815",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-30T15:39:05.466963Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T15:39:14.032Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "LatePoint \u2013 Calendar Booking Plugin for Appointments and Events",
"vendor": "latepoint",
"versions": [
{
"lessThanOrEqual": "5.1.94",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Robert Kruczek"
},
{
"lang": "en",
"type": "finder",
"value": "Kamil Szczurowski"
}
],
"descriptions": [
{
"lang": "en",
"value": "The LatePoint \u2013 Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018service[name]\u2019 parameter in all versions up to, and including, 5.1.94 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T04:27:06.415Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/28e9c77c-5c36-4449-ab90-86f2385ba1ae?source=cve"
},
{
"url": "https://wordpress.org/plugins/latepoint/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3366851%40latepoint\u0026new=3366851%40latepoint\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-08T16:23:03.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-09-29T16:24:39.000+00:00",
"value": "Disclosed"
}
],
"title": "LatePoint \u003c= 5.1.94 - Authenticated (Administrator+) Stored Cross-Site Scripting"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-6815",
"datePublished": "2025-09-30T04:27:06.415Z",
"dateReserved": "2025-06-27T16:43:04.262Z",
"dateUpdated": "2025-09-30T15:39:14.032Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-7052
Vulnerability from cvelistv5
Published
2025-09-30 04:27
Modified
2025-09-30 15:40
Severity ?
EPSS score ?
Summary
LatePoint <= 5.1.94 - Cross-Site Request Forgery to Account Takeover via change_password() Function
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7052",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-30T15:40:40.413047Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T15:40:47.928Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "LatePoint \u2013 Calendar Booking Plugin for Appointments and Events",
"vendor": "latepoint",
"versions": [
{
"lessThanOrEqual": "5.1.94",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "wesley"
}
],
"descriptions": [
{
"lang": "en",
"value": "The LatePoint plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.1.94. This is due to missing nonce validation on the change_password() function of its customer_cabinet__change_password AJAX route. The plugin hooks this endpoint via wp_ajax and wp_ajax_nopriv but does not verify a nonce or user capability before resetting the user\u2019s password. This makes it possible for unauthenticated attackers who trick a logged-in customer (or, with \u201cWP users as customers\u201d enabled, an administrator) into visiting a malicious link to take over their account."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T04:27:07.926Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/df8a8ce0-7258-40ae-bf73-f8c6185fdd16?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/latepoint/tags/5.1.93/lib/controllers/customer_cabinet_controller.php#L403"
},
{
"url": "https://wordpress.org/plugins/latepoint/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/browser/latepoint/tags/5.1.93/latepoint.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3366851/latepoint/tags/5.2.0/lib/controllers/customer_cabinet_controller.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-08T16:23:03.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-09-29T16:24:40.000+00:00",
"value": "Disclosed"
}
],
"title": "LatePoint \u003c= 5.1.94 - Cross-Site Request Forgery to Account Takeover via change_password() Function"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-7052",
"datePublished": "2025-09-30T04:27:07.926Z",
"dateReserved": "2025-07-03T19:21:30.973Z",
"dateUpdated": "2025-09-30T15:40:47.928Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-7038
Vulnerability from cvelistv5
Published
2025-09-30 04:27
Modified
2025-09-30 15:40
Severity ?
EPSS score ?
Summary
LatePoint <= 5.1.94 - Unauthenticated Authentication Bypass via load_step Function
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7038",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-30T15:40:09.385324Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T15:40:19.475Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "LatePoint \u2013 Calendar Booking Plugin for Appointments and Events",
"vendor": "latepoint",
"versions": [
{
"lessThanOrEqual": "5.1.94",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "wesley"
}
],
"descriptions": [
{
"lang": "en",
"value": "The LatePoint plugin for WordPress is vulnerable to Authentication Bypass due to insufficient identity verification within the steps__load_step route of the latepoint_route_call AJAX endpoint in all versions up to, and including, 5.1.94. The endpoint reads the client-supplied customer email and related customer fields before invoking the internal login handler without verifying login status, capability checks, or a valid AJAX nonce. This makes it possible for unauthenticated attackers to log into any customer\u2019s account."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T04:27:07.535Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d7389e17-a357-481a-8716-3a93cb6afa7c?source=cve"
},
{
"url": "https://wordpress.org/plugins/latepoint/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/browser/latepoint/tags/5.1.93/latepoint.php"
},
{
"url": "https://plugins.trac.wordpress.org/browser/latepoint/tags/5.1.93/lib/controllers/steps_controller.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3366851%40latepoint\u0026new=3366851%40latepoint\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-08T16:23:03.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-09-29T16:24:40.000+00:00",
"value": "Disclosed"
}
],
"title": "LatePoint \u003c= 5.1.94 - Unauthenticated Authentication Bypass via load_step Function"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-7038",
"datePublished": "2025-09-30T04:27:07.535Z",
"dateReserved": "2025-07-02T20:41:45.476Z",
"dateUpdated": "2025-09-30T15:40:19.475Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-6941
Vulnerability from cvelistv5
Published
2025-09-30 04:27
Modified
2025-09-30 15:39
Severity ?
EPSS score ?
Summary
LatePoint <= 5.1.94 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6941",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-30T15:39:38.627496Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T15:39:46.996Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "LatePoint \u2013 Calendar Booking Plugin for Appointments and Events",
"vendor": "latepoint",
"versions": [
{
"lessThanOrEqual": "5.1.94",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Muhammad Yudha - DJ"
}
],
"descriptions": [
{
"lang": "en",
"value": "The LatePoint \u2013 Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u0027id\u0027 parameter of the \u0027latepoint_resources\u0027 shortcode in all versions up to, and including, 5.1.94 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T04:27:07.055Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c05575ef-3140-4340-9b4b-1803a8045ce0?source=cve"
},
{
"url": "https://wordpress.org/plugins/latepoint/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/browser/latepoint/tags/5.1.93/lib/helpers/shortcodes_helper.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3366851"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-08T16:23:03.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-09-29T16:24:40.000+00:00",
"value": "Disclosed"
}
],
"title": "LatePoint \u003c= 5.1.94 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-6941",
"datePublished": "2025-09-30T04:27:07.055Z",
"dateReserved": "2025-06-30T21:18:16.014Z",
"dateUpdated": "2025-09-30T15:39:46.996Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}