Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:32 p.m.16 views

CVE-2023-4703

The All in One B2B for WooCommerce WordPress plugin through 1.0.3 does not properly validate parameters when updating user details, allowing an unauthenticated attacker to update the details of any user. Updating the password of an Admin user leads to privilege escalation...

7.5CVSS7.1AI score0.00569EPSS
Exploits2References1
NVD
NVD
added 2024/01/16 4:15 p.m.24 views

CVE-2023-4703

The All in One B2B for WooCommerce WordPress plugin through 1.0.3 does not properly validate parameters when updating user details, allowing an unauthenticated attacker to update the details of any user. Updating the password of an Admin user leads to privilege escalation...

7.5CVSS7.7AI score0.00569EPSS
Exploits2References1
CVE
CVE
added 2024/01/16 3:56 p.m.55 views

CVE-2023-4703

CVE-2023-4703 affects All in One B2B for WooCommerce (WordPress plugin) up to version 1.0.3. The vulnerability arises from improper validation of parameters when updating user details, enabling an unauthenticated attacker to update details for any user. The PoC shows a curl example that updates a...

7.5CVSS7.7AI score0.00569EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2024/01/16 3:56 p.m.32 views

CVE-2023-4703 All in One B2B for WooCommerce <= 1.0.3 - Unauthenticated Privilege Escalation

The All in One B2B for WooCommerce WordPress plugin through 1.0.3 does not properly validate parameters when updating user details, allowing an unauthenticated attacker to update the details of any user. Updating the password of an Admin user leads to privilege escalation...

7.9AI score0.00569EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/01/16 3:56 p.m.4 views

CVE-2023-4703 All in One B2B for WooCommerce <= 1.0.3 - Unauthenticated Privilege Escalation

The All in One B2B for WooCommerce WordPress plugin through 1.0.3 does not properly validate parameters when updating user details, allowing an unauthenticated attacker to update the details of any user. Updating the password of an Admin user leads to privilege escalation...

7.8AI score0.00569EPSS
Exploits2References1
Patchstack
Patchstack
added 2023/09/06 12:0 a.m.13 views

WordPress All in One B2B for WooCommerce Plugin <= 1.0.3 is vulnerable to Privilege Escalation

Software All in One B2B for WooCommerce Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-4703 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 385fda25bc8e...

7.5CVSS6.9AI score0.00569EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder