CVE-2025-24661 – MagePeople Team Taxi Booking Manager for WooCommerce Deserialization of Untrusted Data Object Injection

The following table lists the changes that have been made to the CVE-2025-24661 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics.

  • New CVE Received by [email protected]

    Feb. 03, 2025

    Action Type Old Value New Value
    Added Description Deserialization of Untrusted Data vulnerability in MagePeople Team Taxi Booking Manager for WooCommerce allows Object Injection. This issue affects Taxi Booking Manager for WooCommerce: from n/a through 1.1.8.
    Added CVSS V3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Added CWE CWE-502
    Added Reference https://patchstack.com/database/wordpress/plugin/ecab-taxi-booking-manager/vulnerability/wordpress-taxi-booking-manager-for-woocommerce-plugin-1-1-8-php-object-injection-vulnerability?_s_id=cve

نوشته های مشابه

CVE-2024-56131 – “LoadMaster Authenticated User OS Command Injection Vulnerability”

CVE-2024-56132 – “LoadMaster ECS OS Command Injection Vulnerability”

CVE-2024-56133 – “LoadMaster ECS OS Command Injection”

CVE-2024-56134 – “F5 LoadMaster Authenticated User OS Command Injection”