| Name | CVE-2023-4252 |
| Description | The EventPrime WordPress plugin through 3.2.9 specifies the price of a booking in the client request, allowing an attacker to purchase bookings without payment. |
| Source | CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
NOT-FOR-US: WordPress plugin