[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fHd2W-ziL8oCpo1qaKi7xOFpS_I24ptFVmHwUY9N7lTM":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20,"patch_diff_files":21,"patch_trac_url":9,"research_status":30,"research_verified":31,"research_rounds_completed":32,"research_plan":33,"research_summary":9,"research_vulnerable_code":9,"research_fix_diff":9,"research_exploit_outline":9,"research_model_used":34,"research_started_at":35,"research_completed_at":36,"research_error":9,"poc_status":9,"poc_video_id":9,"poc_summary":9,"poc_steps":9,"poc_tested_at":9,"poc_wp_version":9,"poc_php_version":9,"poc_playwright_script":9,"poc_exploit_code":9,"poc_has_trace":31,"poc_model_used":9,"poc_verification_depth":9,"poc_exploit_code_gated":31,"source_links":37},"CVE-2026-49083","latepoint-calendar-booking-plugin-for-appointments-and-events-authenticated-contributor-privilege-escalation","LatePoint – Calendar Booking Plugin for Appointments and Events \u003C= 5.5.1 - Authenticated (Contributor+) Privilege Escalation","The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.5.1. This makes it possible for authenticated attackers, with Contributor-level access and above, to elevate their privileges to that of an administrator.","latepoint",null,"\u003C=5.5.1","5.5.2","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Incorrect Privilege Assignment","2026-06-05 00:00:00","2026-06-10 17:42:53",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fef818472-d4ba-4ca9-b7ed-fe563107c3bd?source=api-prod",6,[22,23,24,25,26,27,28,29],"latepoint.php","lib\u002Fabilities\u002Fabstract-ability.php","lib\u002Fabilities\u002Fclass-latepoint-abilities.php","lib\u002Fassets\u002Fstylesheets\u002Fadmin\u002F_processes.scss","lib\u002Fhelpers\u002Fcustomer_helper.php","lib\u002Fmisc\u002Fprocess_action.php","lib\u002Fmodels\u002Fcustomer_model.php","lib\u002Fviews\u002Fsettings\u002Fgeneral.php","researched",false,3,"permission )` and `$this->permission` is `manage_options`.\n    And if `OsRolesHelper::can_user` is buggy.\n\n    The \"Contributor+\" requirement is interesting. Why Contributor?\n    In LatePoint, Contributors\u002FAuthors are often the \"Agents\".\n    Only Agents\u002FManagers\u002FAdmins have access to the LatePoint backend in the WP Admin.\n    If the vulnerability requires access to the LatePoint admin scripts to get the nonce or trigger the route.\n\n    Let's stick to the most robust path for a PoC:\n    **Abusing `agents__save` to become LatePoint Admin, then abusing LatePoint Admin status to escalate WP role.**\n\n    *   `latepoint_route_call` AJAX action.\n    *   `route` parameter: `agents__save`.\n    *   `agent[id]`: The ID of the current user's agent record.\n    *   `agent[role]`: Set to `admin`.\n    *   `_wpnonce`: The nonce for `latepoint_route_call`.\n\n    *   `latepoint_route_call` AJAX action.\n    *   `route` parameter: `settings__update`.\n    *   `settings[allow_customer_registration]=on`\n    *   `settings[customer_wp_user_role]=administrator`\n    *   `_wpnonce`: The nonce.\n\n    *   Register a new account. It will be an Administrator.\n\n    *   V","gemini-3-flash-preview","2026-06-26 04:03:15","2026-06-26 04:04:44",{"type":38,"vulnerable_version":39,"fixed_version":11,"vulnerable_browse":40,"vulnerable_zip":41,"fixed_browse":42,"fixed_zip":43,"all_tags":44},"plugin","5.5.1","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Flatepoint\u002Ftags\u002F5.5.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flatepoint.5.5.1.zip","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Flatepoint\u002Ftags\u002F5.5.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flatepoint.5.5.2.zip","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Flatepoint\u002Ftags"]