(blacklanternsecurity.com) CVE-2026-2931: Amelia Booking Pro Authenticated IDOR Enables Customer-to-Admin WordPress Account Takeover
CVE-2026-2931: Critical authenticated privilege escalation in Amelia Booking Pro (≤9.1.2) enables customer-to-admin WordPress account takeover via IDOR (CWE-639) combined with mass assignment (CWE-915). An authenticated customer can manipulate the 'externalId' field in a profile update to reset the password of an arbitrary WordPress user, including administrators, via wp_set_password(). Successful exploitation grants full site compromise, with RCE potential. No patch was available at disclosure. Over 50K active installs are affected.
Source: https://blog.blacklanternsecurity.com/p/amelia-booking-pro-912-authenticated
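To make the bug class concrete, here is an added illustration (hypothetical code written for this post, not Amelia's actual handler) of a profile-update function that lets a client-supplied 'externalId' choose which WordPress account gets a new password, beside a hardened version that derives the target from the session, rejects overrides, binds only whitelisted fields and re-authenticates before calling wp_set_password(). Function names and the $data fields are assumptions; the WordPress API calls are real.

```php
<?php
// Hypothetical handler: $data is the decoded JSON body of a profile update
// sent by an authenticated customer. Not the plugin's code.

// Vulnerable pattern (IDOR + mass assignment): the request body decides
// which WordPress user is modified, so any customer can point the update
// at another account, including an administrator.
function update_profile_vulnerable( array $data ) {
    $wp_user_id = (int) $data['externalId'];            // attacker-controlled
    if ( ! empty( $data['password'] ) ) {
        wp_set_password( $data['password'], $wp_user_id ); // arbitrary account
    }
}

// Hardened pattern: target account comes from the session, the body may not
// override it, only known fields are bound, password changes re-authenticate.
function update_profile_hardened( array $data ) {
    $wp_user_id = get_current_user_id();
    if ( 0 === $wp_user_id ) {
        return new WP_Error( 'not_logged_in', 'Authentication required.' );
    }
    // Reject any attempt to steer the update at a different account.
    if ( isset( $data['externalId'] ) && (int) $data['externalId'] !== $wp_user_id ) {
        return new WP_Error( 'forbidden', 'Cannot modify another account.' );
    }
    // Allow-list instead of binding every submitted key (no mass assignment).
    $allowed = array( 'firstName', 'lastName', 'phone' );
    $update  = array_intersect_key( $data, array_flip( $allowed ) );

    if ( ! empty( $data['password'] ) ) {
        // Require the current password before touching credentials.
        $user = get_user_by( 'id', $wp_user_id );
        if ( empty( $data['currentPassword'] ) || ! $user
            || ! wp_check_password( $data['currentPassword'], $user->user_pass, $user->ID ) ) {
            return new WP_Error( 'reauth_failed', 'Current password required.' );
        }
        wp_set_password( $data['password'], $wp_user_id ); // own account only
    }
    return $update; // fields safe to persist for this customer
}
```

Detection on an unpatched site: alert on profile-update requests whose 'externalId' differs from the caller's own user id, and on wp_set_password() calls against administrator accounts originating from customer sessions.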