ThreatPress

WordPress Vulnerabilities Database


WordPress Booking Calendar Contact Form Plugin 1.0.2 - Multiple vulnerabilities

Product
Booking Calendar Contact Form
Description
The Booking Calendar Contact Form plugin is prone to multiple vulnerabilities:
1. Authenticated SQL injection in the "get" parameter allows an attacker to escalate editor privileges.
2. Filter bypass and authenticated SQL injection in the "id" parameter via http://wp-host/wp-path/wp-admin/admin-ajax.php?action=dex_bccf_calendar_ajaxevent&dex_bccf_calendar_load2=delete.
3. Unauthenticated SQL injection in the "dex_item=1" POST variable. This vulnerability allows an attacker to send modified requests to the database.
4. Captcha bypass and row insertion allow an attacker to manipulate some variables to bypass conditional statements, by encoding the "get" parameter as an MD5 digest and storing it in the "rand_code" cookie's value.
5. Persistent JS/HTML code injection.
Solution
Upgrade the plugin.
Classification
Type Multi
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 1.0.2
Fixed In 1.0.3
Disclosure date
2015-05-13
Credits
i0akiN SEC-LABORATORY