Lucene search

[email protected]CVE-2023-36507

HistoryNov 30, 2023 - 4:15 p.m.

CVE-2023-36507

2023-11-3016:15:08

NVD-CWE-noinfo

CWE-200

[email protected]

web.nvd.nist.gov

"cve-2023-36507

exposure

sensitive information

unauthorized actor

vulnerability

repute infosystems

bookingpress

appointment booking calendar plugin

online scheduling plugin

nvd"

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

7.3 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.0005 Low

EPSS

Percentile

15.9%

JSON

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.64.

CPENameOperatorVersion
reputeinfosystems:bookingpressreputeinfosystems bookingpressle1.0.64
reputeinfosystems:bookingpressreputeinfosystems bookingpresseq1.0.37
reputeinfosystems:bookingpressreputeinfosystems bookingpresseq1.0.12
reputeinfosystems:bookingpressreputeinfosystems bookingpresseq1.0.4
reputeinfosystems:bookingpressreputeinfosystems bookingpresseq1.0.38
reputeinfosystems:bookingpressreputeinfosystems bookingpresseq1.0.48
reputeinfosystems:bookingpressreputeinfosystems bookingpresseq1.0.47
reputeinfosystems:bookingpressreputeinfosystems bookingpresseq1.0.55
reputeinfosystems:bookingpressreputeinfosystems bookingpresseq1.0.52
reputeinfosystems:bookingpressreputeinfosystems bookingpresseq1.0.5

CPE	Name	Operator	Version
reputeinfosystems:bookingpress	reputeinfosystems bookingpress	le	1.0.64
reputeinfosystems:bookingpress	reputeinfosystems bookingpress	eq	1.0.37
reputeinfosystems:bookingpress	reputeinfosystems bookingpress	eq	1.0.12
reputeinfosystems:bookingpress	reputeinfosystems bookingpress	eq	1.0.4
reputeinfosystems:bookingpress	reputeinfosystems bookingpress	eq	1.0.38
reputeinfosystems:bookingpress	reputeinfosystems bookingpress	eq	1.0.48
reputeinfosystems:bookingpress	reputeinfosystems bookingpress	eq	1.0.47
reputeinfosystems:bookingpress	reputeinfosystems bookingpress	eq	1.0.55
reputeinfosystems:bookingpress	reputeinfosystems bookingpress	eq	1.0.52
reputeinfosystems:bookingpress	reputeinfosystems bookingpress	eq	1.0.5

Rows per page:

1-10 of 661

References

patchstack.com/database/vulnerability/bookingpress-appointment-booking/wordpress-bookingpress-plugin-1-0-64-unauthenticated-server-information-disclosure-vulnerability?_s_id=cve

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

7.3 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.0005 Low

EPSS

Percentile

15.9%

JSON

Related for CVE-2023-36507

cvelist1 prion1 wordfence1