CVE-2023-23895
CVSS 3.1 Score 4.7 of 10 (medium)
Details
Published Dec 9, 2024
CWE ID 862
Summary
CVE-2023-23895 is a new vulnerability affecting the WP Time Slots Booking Form plugin. It involves a missing authorization feature, which allows unauthorized users to exploit incorrectly configured access control security levels. This issue is significant as it can potentially grant attackers unintended access and permissions within the plugin. The vulnerability affects WP Time Slots Booking Form versions from n/a through 1.1.82. System administrators are advised to update the plugin to the latest version as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share