[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fNlc1btWVzXdLds0ucDDa897B5ae_GJUeW2LBxg14zC8":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2024-31275","eventprime-missing-authorization-to-booking-price-maniputlation","EventPrime \u003C= 3.3.4 - Missing Authorization to Booking Price Maniputlation","The EventPrime plugin for WordPress is vulnerable to booking price manipulations due to insufficient validation and control of booking prices in versions up to, and including, 3.3.4. This makes it possible for unauthenticated attackers to make bookings with lower prices.","eventprime-event-calendar-management",null,"\u003C=3.3.4","3.3.5","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","External Control of Assumed-Immutable Web Parameter","2024-04-05 00:00:00","2024-04-11 13:51:57",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F9516e64c-1959-4980-9a96-c6f5f1baa6f6?source=api-prod",7]