CVE-2025-3769 – LatePoint WordPress Calendar Booking Plugin Insecure Direct Object Reference Vulnerability

May 14, 2025

CVE ID : CVE-2025-3769

Published : May 14, 2025, 12:15 p.m. | 2 hours, 51 minutes ago

Description : The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.92 via the ‘view_booking_summary_in_lightbox’ due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to retrieve appointment details such as customer names and email addresses.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3931 – Yggdrasil DBus Unauthenticated Command Injection Vulnerability

Next Article CVE-2025-47781 – Rallly Token Brute Force Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

Microsoft shares rare look at radical Windows 11 Start menu designs it explored before settling on the least interesting one of the bunch

NVIDIA’s new GPU driver adds DOOM: The Dark Ages support and improves DLSS in Microsoft Flight Simulator 2024

How to install and use Ollama to run AI LLMs on your Windows 11 PC

Community News: Latest PECL Releases (05.13.2025)

Community News: Latest PECL Releases (05.13.2025)

How We Use Epic Branches. Without Breaking Our Flow.

I think the ergonomics of generators is growing on me.

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

Microsoft shares rare look at radical Windows 11 Start menu designs it explored before settling on the least interesting one of the bunch

NVIDIA’s new GPU driver adds DOOM: The Dark Ages support and improves DLSS in Microsoft Flight Simulator 2024

CVE-2025-3769 – LatePoint WordPress Calendar Booking Plugin Insecure Direct Object Reference Vulnerability

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-24022 – iTop Server Code Execution Vulnerability

Case Study: Nod Coding Bootcamp

NVIDIA Riva Vulnerabilities Leave AI-Powered Speech and Translation Services at Risk

Xbox’s new gaming Copilot AI would have been better with Kinect — there, I said it

DolphinGemma: How Google AI is helping decode dolphin communication

Samsung’s upcoming XR headset was the biggest product teaser at Unpacked July 2024

New Mandrake Spyware Found in Google Play Store Apps After Two Years

How to implement seleniums LoadableComponent with a fluent API?

CVE-2025-42604 – Meon KYC Debug Mode Information Disclosure Vulnerability

CVE-2025-3769 – LatePoint WordPress Calendar Booking Plugin Insecure Direct Object Reference Vulnerability

Related Posts