CVE-2023-51405 | BookingPress Plugin up to 1.0.74 on WordPress Price bookingpress_confirm_booking access control

Inserito da Angelo Barbosa | Gen 5, 2024 | CVE

A vulnerability classified as critical was found in BookingPress Plugin up to 1.0.74 on WordPress. Affected by this vulnerability is the function bookingpress_confirm_booking of the component Price Handler. The manipulation leads to improper access controls.

This vulnerability is known as CVE-2023-51405. The attack can be launched remotely. There is no exploit available.

CVE-2023-51405 | BookingPress Plugin up to 1.0.74 on WordPress Price bookingpress_confirm_booking access control

Post correlati

CVE-2024-43797 | advplyr audiobookshelf up to 2.12.x Role-Based Access Control path traversal

CVE-2024-45039 | Consensys gnark up to 0.11.0 (GHSA-q3hw-3gm4-w5cr)

CVE-2024-30427 | Spiffy Calendar Plugin up to 4.9.7 on WordPress cross site scripting

CVE-2024-27343 | Kofax Power PDF PDF File Parser out-of-bounds