Lucene search
PatchstackCVELIST:CVE-2023-37389HistoryMay 17, 2024 - 6:47 a.m.
CVE-2023-37389 WordPress Booking Package SAASPROJECT plugin <= 1.5.98 - Unauthenticated Privilege Escalation vulnerability
2024-05-1706:47:46
CWE-269
Patchstack
www.cve.org
cve-2023-37389
wordpress
saasproject
unauthenticated privilege escalation
booking package
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.0%
Improper Privilege Management vulnerability in SAASPROJECT Booking Package Booking Package allows Privilege Escalation.This issue affects Booking Package: from n/a through 1.5.98.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "booking-package",
"product": "Booking Package",
"vendor": "SAASPROJECT Booking Package",
"versions": [
{
"changes": [
{
"at": "1.5.99",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.5.98",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2023-37389
2024-05-17 07:15:56
cve
cve
CVE-2023-37389
2024-05-17 07:15:56
wordfence
wordfence
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.0%
Related for CVELIST:CVE-2023-37389