Severity by source
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Network-reachable blind SQLi with no auth per source vector, primarily confidentiality (data read); no integrity/availability impact and no cross-boundary scope change evident, so S:N/I:N/A:N.
Primary rating from Vendor (Patchstack).
CVSS VectorVendor: Patchstack
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Lifecycle Timeline
2DescriptionCVE.org
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Melograno Venture Studio Amelia ameliabooking allows Blind SQL Injection.This issue affects Amelia: from n/a through <= 2.4.2.
AnalysisAI
Blind SQL injection in the Amelia booking plugin for WordPress (Melograno Venture Studio) affects all versions from unknown initial release through 2.4.2, allowing remote attackers to inject crafted SQL into database queries and extract sensitive data via boolean/time-based inference. The CVSS 9.3 vector (AV:N/PR:N) indicates network-reachable exploitation without authentication, though this is a Patchstack-reported issue with no public exploit and no CISA KEV listing at time of analysis. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation targets the Amelia plugin's booking request handling (its admin-ajax.php actions / wp-json Amelia REST endpoints) on any WordPress site running version 2.4.2 or earlier. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The signals are mixed and should temper the raw 9.3 score. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker sends crafted requests to Amelia's public booking AJAX/REST endpoints, embedding blind SQL injection payloads (boolean or time-based) into a vulnerable parameter. By observing differences in response behavior or induced delays, the attacker iteratively reconstructs database contents such as customer PII, booking records, or WordPress user password hashes. … |
| Remediation | No vendor-released patch version is identified in the provided data, so the primary action is to consult the Patchstack advisory (https://patchstack.com/database/Wordpress/Plugin/ameliabooking/vulnerability/wordpress-amelia-plugin-2-4-2-sql-injection-vulnerability) and upgrade Amelia to the first release published after 2.4.2 that Patchstack/Melograno designates as fixed; do not assume 2.4.2 is safe. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours, inventory all WordPress instances to identify Amelia plugin deployments and current versions. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
The Amelia WordPress plugin before 1.0.47 stores image blobs into actual files whose extension is controlled by the user
The Amelia WordPress plugin before 1.0.47 does not sanitize and escape the code parameter before outputting it back in a
Missing Authorization vulnerability in TMS Amelia ameliabooking.0.98. Rated critical severity (CVSS 9.8), this vulnerabi
The Amelia WordPress plugin before 1.0.48 does not have proper authorisation when handling Amelia SMS service, allowing
The Amelia WordPress plugin before 1.0.49 does not have proper authorisation when managing appointments, allowing any cu
The Amelia WordPress plugin before 1.0.47 does not have proper authorisation when managing appointments, allowing any cu
Privilege escalation in the Amelia booking plugin for WordPress (versions 2.3 and earlier) allows an authenticated low-p
The Amelia WordPress plugin before 1.0.47 does not have CSRF check in place when deleting customers, which could allow a
Blind SQL injection in Amelia WordPress plugin (ameliabooking) version 2.1.1 and earlier allows authenticated privileged
Unauthenticated sensitive data exposure in the Amelia (Amelia Booking) WordPress plugin versions 2.2 and earlier allows
The Amelia WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the l
The Booking for Appointments and Events Calendar - Amelia Premium and Lite plugins for WordPress are vulnerable to unaut
Same weakness CWE-89 – SQL Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-43359