{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-15473", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "state": "PUBLISHED", "assignerShortName": "WPScan", "dateReserved": "2026-01-06T21:31:10.819Z", "datePublished": "2026-03-12T06:00:11.203Z", "dateUpdated": "2026-03-12T13:40:38.873Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2026-03-12T06:00:11.203Z"}, "title": "Timetics < 1.0.52 - Unauthenticated Payment/Booking Status Update", "problemTypes": [{"descriptions": [{"description": "CWE-862 Missing Authorization", "lang": "en", "type": "CWE"}]}], "affected": [{"vendor": "Unknown", "product": "Timetics", "versions": [{"status": "affected", "versionType": "semver", "version": "0", "lessThan": "1.0.52"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status and post status for the \"timetics-booking\" custom post type."}], "references": [{"url": "https://wpscan.com/vulnerability/f355e4ac-7aa6-4c5b-b1e5-b37937156583/", "tags": ["exploit", "vdb-entry", "technical-description"]}], "credits": [{"lang": "en", "value": "Khaled Alenazi (Nxploited)", "type": "finder"}, {"lang": "en", "value": "WPScan", "type": "coordinator"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "WPScan CVE Generator"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-862", "lang": "en", "description": "CWE-862 Missing Authorization"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-12T13:40:35.721181Z", "id": "CVE-2025-15473", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T13:40:38.873Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-15473", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-12T13:40:35.721181Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T13:40:24.930Z"}}], "cna": {"title": "Timetics < 1.0.52 - Unauthenticated Payment/Booking Status Update", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Khaled Alenazi (Nxploited)"}, {"lang": "en", "type": "coordinator", "value": "WPScan"}], "affected": [{"vendor": "Unknown", "product": "Timetics", "versions": [{"status": "affected", "version": "0", "lessThan": "1.0.52", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://wpscan.com/vulnerability/f355e4ac-7aa6-4c5b-b1e5-b37937156583/", "tags": ["exploit", "vdb-entry", "technical-description"]}], "x_generator": {"engine": "WPScan CVE Generator"}, "descriptions": [{"lang": "en", "value": "The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status and post status for the \"timetics-booking\" custom post type."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2026-03-12T06:00:11.203Z"}}}, "cveMetadata": {"cveId": "CVE-2025-15473", "state": "PUBLISHED", "dateUpdated": "2026-03-12T13:40:38.873Z", "dateReserved": "2026-01-06T21:31:10.819Z", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "datePublished": "2026-03-12T06:00:11.203Z", "assignerShortName": "WPScan"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint, allowing unauthenticated users to arbitrarily change a booking's payment status and post status for the \"timetics-booking\" custom post type."}, {"lang": "es", "value": "El plugin de WordPress Timetics anterior a 1.0.52 no tiene autorizaci\u00f3n en un endpoint REST, lo que permite a usuarios no autenticados cambiar arbitrariamente el estado de pago de una reserva y el estado de la publicaci\u00f3n para el tipo de publicaci\u00f3n personalizado 'timetics-booking'."}], "id": "CVE-2025-15473", "lastModified": "2026-04-15T15:05:47.827", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-12T06:16:30.417", "references": [{"source": "contact@wpscan.com", "url": "https://wpscan.com/vulnerability/f355e4ac-7aa6-4c5b-b1e5-b37937156583/"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,1.0.52)"}}], "enrichment": {"confidence": 70.0, "confidence_source": "inferred", "scores": [{"score": 70.0, "source": "inferred"}]}, "original": {"product": "Timetics", "source": "cna", "vendor": "Unknown"}, "product": "timetics", "vendor": "timetics"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-03-18T14:45:26.464892+00:00", "value": {"mitigation_remediation": ["Upgrade the Timetics plugin to version 1.0.52 or newer."], "summary": {"action": "Patch ASAP", "impact": "Unauthorized booking status modification"}, "threat_synthesis": {"affected_systems": "Vulnerable systems include any WordPress site running the Timetics plugin at a version older than 1.0.52. The affected version information is explicitly cited: \"before 1.0.52\". Sites using newer releases are not impacted.", "description_and_impact": "The Timetics WordPress plugin prior to version 1.0.52 lacks authorization checks on a REST endpoint, allowing any user\u2014including unauthenticated visitors\u2014to arbitrarily change the payment status and post status of \"timetics-booking\" custom posts. This results in the unauthorized alteration of booking records, potentially marking unpaid reservations as paid, enabling fraudulent claims, or disrupting inventory and financial reporting. The weakness is categorized as CWE\u2011862, reflecting an improper authorization flaw.", "risk_and_exploitability": "The CVSS score of 4.3 indicates moderate severity, with an EPSS score of less than 1% suggesting a low likelihood of exploit. It is not listed in the CISA KEV catalog. The likely attack vector inferred from the description is a remote unauthenticated request to the plugin\u2019s REST endpoint."}}}}, "created": "2026-03-13T09:53:30.759182+00:00", "updated": "2026-03-20T15:36:00.412822+00:00", "vendors": ["timetics", "timetics$PRODUCT$timetics", "wordpress", "wordpress$PRODUCT$wordpress"]}