Vulnerability Details CVE-2022-1463
The Booking Calendar plugin for WordPress is vulnerable to PHP Object Injection via the [bookingflextimeline] shortcode in versions up to, and including, 9.1. This could be exploited by subscriber-level users and above to call arbitrary PHP objects on a vulnerable site.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 76.3%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
Products affected by CVE-2022-1463
-
cpe:2.3:a:booking_calendar_project:booking_calendar:0.5
-
cpe:2.3:a:booking_calendar_project:booking_calendar:0.6
-
cpe:2.3:a:booking_calendar_project:booking_calendar:0.7
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.0
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.3
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.3.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.3.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.3.3
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.4
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.4.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.4.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.4.3
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.4.4
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.5
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.5.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.5.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.5.3
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.5.4
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.5.5
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.5.6
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.5.7
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.5.8
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.6
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.7
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.7.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.7.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.7.3
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.7.4
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.8
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.9
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.9.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.9.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:1.9.3
-
cpe:2.3:a:booking_calendar_project:booking_calendar:2.0
-
cpe:2.3:a:booking_calendar_project:booking_calendar:2.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:2.1.7
-
cpe:2.3:a:booking_calendar_project:booking_calendar:2.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:2.3
-
cpe:2.3:a:booking_calendar_project:booking_calendar:2.4
-
cpe:2.3:a:booking_calendar_project:booking_calendar:2.5
-
cpe:2.3:a:booking_calendar_project:booking_calendar:2.6
-
cpe:2.3:a:booking_calendar_project:booking_calendar:2.7
-
cpe:2.3:a:booking_calendar_project:booking_calendar:2.8
-
cpe:2.3:a:booking_calendar_project:booking_calendar:2.9
-
cpe:2.3:a:booking_calendar_project:booking_calendar:3.0
-
cpe:2.3:a:booking_calendar_project:booking_calendar:4.0
-
cpe:2.3:a:booking_calendar_project:booking_calendar:4.0.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:4.0.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:4.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:4.1.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:4.1.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:4.1.3
-
cpe:2.3:a:booking_calendar_project:booking_calendar:4.1.4
-
cpe:2.3:a:booking_calendar_project:booking_calendar:4.1.5
-
cpe:2.3:a:booking_calendar_project:booking_calendar:4.1.6
-
cpe:2.3:a:booking_calendar_project:booking_calendar:5.0
-
cpe:2.3:a:booking_calendar_project:booking_calendar:5.0.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:5.0.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:5.0.3
-
cpe:2.3:a:booking_calendar_project:booking_calendar:5.0.4
-
cpe:2.3:a:booking_calendar_project:booking_calendar:5.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:5.1.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:5.1.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:5.1.3
-
cpe:2.3:a:booking_calendar_project:booking_calendar:5.1.4
-
cpe:2.3:a:booking_calendar_project:booking_calendar:5.1.5
-
cpe:2.3:a:booking_calendar_project:booking_calendar:5.1.6
-
cpe:2.3:a:booking_calendar_project:booking_calendar:5.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:5.2.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:5.3
-
cpe:2.3:a:booking_calendar_project:booking_calendar:5.3.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:5.3.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:5.4
-
cpe:2.3:a:booking_calendar_project:booking_calendar:5.4.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:5.4.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:5.4.3
-
cpe:2.3:a:booking_calendar_project:booking_calendar:5.4.4
-
cpe:2.3:a:booking_calendar_project:booking_calendar:6.0
-
cpe:2.3:a:booking_calendar_project:booking_calendar:6.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:6.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:6.2.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:6.2.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:7.0
-
cpe:2.3:a:booking_calendar_project:booking_calendar:7.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:7.1.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:7.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.0
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.0.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.1.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.1.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.3
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.3.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.3.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.4
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.4.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.4.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.4.3
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.4.4
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.4.5
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.4.6
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.5
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.5.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.5.1.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.5.1.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.6
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.7
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.7.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.7.10
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.7.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.7.3
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.7.4
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.7.5
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.7.6
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.7.7
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.7.8
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.7.9
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.8
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.8.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.8.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.9
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.9.1
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.9.2
-
cpe:2.3:a:booking_calendar_project:booking_calendar:8.9.3
-
cpe:2.3:a:booking_calendar_project:booking_calendar:9.0
-
cpe:2.3:a:booking_calendar_project:booking_calendar:9.1