The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.2. This is due to the plugin not properly validating a user's identity prior to updating their details like email through the edit_newdata_customer_callback() function. This makes it possible for unauthenticated attackers to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account.

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-639

https://plugins.trac.wordpress.org/changeset/3278939/wpbookit/trunk/core/admin/classes/controllers/class.wpb-customer-controller.php

https://www.wordfence.com/threat-intel/vulnerabilities/id/a61cce43-0df7-4ca9-8897-24c7d131b505?source=cve