Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistWPScanCVELIST:CVE-2023-5799
HistoryNov 20, 2023 - 6:55 p.m.

CVE-2023-5799 WP Hotel Booking < 2.0.9 - Contributor+ Arbitrary Post Deletion

2023-11-2018:55:07
WPScan
www.cve.org
4
cve-2023-5799
wordpress
plugin
authorisation
roles
deletion

EPSS

0

Percentile

13.3%

JSON

The WP Hotel Booking WordPress plugin before 2.0.8 does not have proper authorisation when deleting a package, allowing Contributor and above roles to delete posts that do no belong to them

CNA Affected

[
  {
    "vendor": "Unknown",
    "product": "WP Hotel Booking",
    "versions": [
      {
        "status": "affected",
        "versionType": "semver",
        "version": "0",
        "lessThan": "2.0.8"
      }
    ],
    "defaultStatus": "unaffected",
    "collectionURL": "https://wordpress.org/plugins"
  }
]

Related

cve 1
nvd 1
wpvulndb 1
wpexploit 1
prion 1
cve
cve
CVE-2023-5799
2023-11-20 19:15:10
nvd
nvd
CVE-2023-5799
2023-11-20 19:15:10
wpvulndb
wpvulndb
WP Hotel Booking < 2.0.9 - Contributor+ Arbitrary Post Deletion
2023-10-26 00:00:00
wpexploit
wpexploit
WP Hotel Booking < 2.0.9 - Contributor+ Arbitrary Post Deletion
2023-10-26 00:00:00
prion
prion
Design/Logic Flaw
2023-11-20 19:15:00

EPSS

0

Percentile

13.3%

JSON
Related for CVELIST:CVE-2023-5799
cve1nvd1wpvulndb1wpexploit1prion1