Court Reservation
Monthly
Webmuehle Court Reservation WordPress plugin versions up to 1.10.11 fail to properly validate user permissions, allowing unauthenticated remote attackers to modify court reservation data through incorrectly configured access control checks. The vulnerability enables integrity attacks against the reservation system despite missing confidentiality and availability impact. With EPSS score of 0.02% and no KEV confirmation, real-world exploitation risk is minimal, though the authentication bypass vector presents a foundational security gap.
Webmuehle Court Reservation WordPress plugin versions up to 1.10.11 fail to properly validate user permissions, allowing unauthenticated remote attackers to modify court reservation data through incorrectly configured access control checks. The vulnerability enables integrity attacks against the reservation system despite missing confidentiality and availability impact. With EPSS score of 0.02% and no KEV confirmation, real-world exploitation risk is minimal, though the authentication bypass vector presents a foundational security gap.