ameliabooking 厂商相关 19 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。
该系统为在线预约管理平台,主要面向企业客户提供服务预订功能。历史上常见漏洞包括远程代码执行、跨站脚本和权限绕过,其中身份验证机制薄弱导致的越权访问问题尤为突出。截至最新统计,该平台已记录19条CVE漏洞,部分高危漏洞可导致未授权访问或系统完全控制。安全社区建议用户及时更新至最新版本并实施严格的访问控制措施。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2026-6449 | Amelia <= 2.1.2 远程审批端点未授权绕过漏洞 — Booking for Appointments and Events Calendar – AmeliaCWE-285 | 5.3 | Medium | 2026-05-02 |
| CVE-2026-39487 | WordPress plugin Amelia SQL注入漏洞 — AmeliaCWE-89 | 7.6 | High | 2026-04-08 |
| CVE-2026-5465 | WordPress plugin Booking for Appointments and Events Calendar – Amelia 安全漏洞 — Booking for Appointments and Events Calendar – AmeliaCWE-639 | 8.8 | High | 2026-04-07 |
| CVE-2026-4668 | WordPress plugin Booking for Appointments and Events Calendar - Amelia SQL注入漏洞 — Booking for Appointments and Events Calendar – AmeliaCWE-89 | 6.5 | Medium | 2026-03-31 |
| CVE-2026-2931 | WordPress plugin Amelia Booking 安全漏洞 — Booking for Appointments and Events Calendar – AmeliaCWE-269 | 8.8 | High | 2026-03-26 |
| CVE-2026-24963 | WordPress plugin Amelia 安全漏洞 — AmeliaCWE-266 | 7.2 | High | 2026-03-05 |
| CVE-2026-24967 | WordPress plugin Amelia 安全漏洞 — AmeliaCWE-862 | 5.3 | Medium | 2026-02-03 |
| CVE-2025-14720 | WordPress plugin Amelia 安全漏洞 — Booking for Appointments and Events Calendar – AmeliaCWE-862 | 5.3 | Medium | 2026-01-09 |
| CVE-2025-12482 | WordPress plugin Booking for Appointments and Events Calendar – Amelia SQL注入漏洞 — Booking for Appointments and Events Calendar – AmeliaCWE-89 | 7.5 | High | 2025-11-16 |
| CVE-2025-58213 | WordPress plugin Booking System Trafft 跨站脚本漏洞 — Booking System TrafftCWE-79 | 6.5 | Medium | 2025-08-27 |
| CVE-2025-2578 | WordPress plugin Booking for Appointments and Events Calendar Amelia 信息泄露漏洞 — Booking for Appointments and Events Calendar – AmeliaCWE-200 | 5.3 | Medium | 2025-03-28 |
| CVE-2025-26965 | WordPress plugin Amelia 安全漏洞 — AmeliaCWE-639 | 5.3 | Medium | 2025-02-25 |
| CVE-2024-11754 | WordPress plugin Booking System Trafft 跨站脚本漏洞 — Booking System TrafftCWE-79 | 6.4 | Medium | 2024-12-13 |
| CVE-2024-6332 | WordPress plugin Amelia 安全漏洞 — Booking for Appointments and Events Calendar – AmeliaCWE-862 | 6.5 | Medium | 2024-09-05 |
| CVE-2024-6552 | WordPress plugin Amelia 安全漏洞 — Booking for Appointments and Events Calendar – AmeliaCWE-200 | 5.3 | Medium | 2024-08-08 |
| CVE-2024-6225 | WordPress plugin Amelia 安全漏洞 — Booking for Appointments and Events Calendar – AmeliaCWE-79 | 4.4 | Medium | 2024-06-21 |
| CVE-2024-1484 | WordPress Plugin Booking for Appointments and Events Calendar 安全漏洞 — Booking for Appointments and Events Calendar – AmeliaCWE-79 | 6.1 | Medium | 2024-03-13 |
| CVE-2023-6808 | WordPress plugin Booking for Appointments and Events Calendar 安全漏洞 — Booking for Appointments and Events Calendar – AmeliaCWE-79 | 6.4 | Medium | 2024-02-05 |
| CVE-2022-0834 | WordPress plugin Amelia 跨站脚本漏洞 — Booking for Appointments and Events Calendar – AmeliaCWE-79 | 7.2 | High | 2022-03-23 |
本页汇总了 ameliabooking 厂商截至目前公开的全部 19 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。