{"id":74418,"date":"2022-04-27T13:24:35","date_gmt":"2022-04-27T17:24:35","guid":{"rendered":"http:\/\/bangla.salearningschool.com\/recent-posts\/wordpress-security-php-object-injection-vulnerability-in-booking-calendar-plugin\/"},"modified":"2022-04-27T13:24:35","modified_gmt":"2022-04-27T17:24:35","slug":"wordpress-security-php-object-injection-vulnerability-in-booking-calendar-plugin","status":"publish","type":"post","link":"http:\/\/bangla.sitestree.com\/?p=74418","title":{"rendered":"WordPress Security PHP Object Injection Vulnerability in Booking Calendar Plugin"},"content":{"rendered":"<table cellpadding=\"0\" cellspacing=\"0\" width=\"100%\">\n<tbody>\n<tr>\n<td valign=\"top\">\n<table cellpadding=\"0\" cellspacing=\"0\" width=\"100%\">\n<tbody>\n<tr>\n<td>&quot;On April 18, 2022, Object Injection vulnerability in the Booking Calendar plugin for WordPress, which has over 60,000 installations.&quot;<\/p>\n<p>Wordfence &quot;<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table cellpadding=\"0\" cellspacing=\"0\" width=\"100%\">\n<tbody>\n<tr>\n<td>\n<table width=\"100%\" border=\"0\">\n<tbody>\n<tr>\n<td valign=\"middle\"><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table cellpadding=\"0\" cellspacing=\"0\" width=\"100%\">\n<tbody>\n<tr>\n<td><strong>Description:<\/strong> Insecure Deserialization\/PHP Object Injection<br \/>\n<strong>Affected Plugin: <\/strong>Booking Calendar<br \/>\n<strong>Plugin Slug:<\/strong> booking<br \/>\n<strong>Plugin Developer: <\/strong>wpdevelop, oplugins<br \/>\n<strong>Affected Versions: <\/strong>&lt;= 9.1<br \/>\n<strong>CVE ID:<\/strong> CVE-2022-1463<br \/>\n<strong>CVSS Score<\/strong>: 8.1(High)<br \/>\n<strong>CVSS Vector:<\/strong> CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H<br \/>\n<strong>Researcher\/s<\/strong>: Ramuel Gall<br \/>\n<strong>Fully Patched Version<\/strong>: 9.1.1<br \/>\n&quot;<\/p>\n<p>Ref: 
Wordfence<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>&quot;On April 18, 2022, Object Injection vulnerability in the Booking Calendar plugin for WordPress, which has over 60,000 installations.&quot; Wordfence &quot; Description: Insecure Deserialization\/PHP Object Injection Affected Plugin: Booking Calendar Plugin Slug: booking Plugin Developer: wpdevelop, oplugins Affected Versions: &lt;= 9.1 CVE ID: CVE-2022-1463 CVSS Score: 8.1(High) CVSS Vector: CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H Researcher\/s: Ramuel Gall Fully Patched &hellip; <\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[182],"tags":[],"class_list":["post-74418","post","type-post","status-publish","format-standard","hentry","category---blog","item-wrap"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack-related-posts":[],"_links":{"self":[{"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/posts\/74418","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=74418"}],"version-history":[{"count":0,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/posts\/74418\/revisions"}],"wp:attachment":[{"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=74418"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=74418"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=74418"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}