Lucene search
PatchstackVULNRICHMENT:CVE-2023-51478HistoryApr 25, 2024 - 7:56 a.m.
CVE-2023-51478 WordPress Build App Online plugin <= 1.0.19 - Unauthenticated Account Takeover vulnerability
2024-04-2507:56:34
CWE-287
Patchstack
github.com
3
wordpress
build app online
unauthenticated account takeover
privilege escalation
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.2
Confidence
High
SSVC
Exploitation
none
Automatable
yes
Technical Impact
total
Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through 1.0.19.
CNA Affected
[
{
"vendor": "Abdul Hakeem",
"product": "Build App Online",
"versions": [
{
"status": "affected",
"version": "n/a",
"versionType": "custom",
"lessThanOrEqual": "1.0.19"
}
],
"packageName": "build-app-online",
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected"
}
]ADP Affected
[
{
"cpes": [
"cpe:2.3:a:rahamsolutions:build_app_online:*:*:*:*:*:wordpress:*:*"
],
"vendor": "rahamsolutions",
"product": "build_app_online",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "1.0.21"
}
],
"defaultStatus": "unaffected"
}
]Related
cvelist
cvelist
nvd
nvd
CVE-2023-51478
2024-04-25 08:15:07
CVE-2024-3658
2024-05-18 10:15:07
wpvulndb
wpvulndb
cve
cve
CVE-2023-51478
2024-04-25 08:15:07
CVE-2024-3658
2024-05-18 10:15:07
wordfence
wordfence
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.2
Confidence
High
SSVC
Exploitation
none
Automatable
yes
Technical Impact
total
Related for VULNRICHMENT:CVE-2023-51478