CVE-2023-24407

CVSS 3.1 Score 5.0 of 10 (medium)

Details

Published Dec 9, 2024
CWE ID 862

Summary

CVE-2023-24407 is a critical authorization vulnerability affecting the WpDevArt Booking calendar and Appointment Booking System. The flaw permits unauthorized access due to incorrectly configured security levels. This issue poses a serious risk, enabling exploitation of the affected software versions from n/a through 3.2.3. Attackers can potentially manipulate appointments, access sensitive data, or gain unauthorized control. System administrators are advised to apply the latest patches to mitigate this vulnerability and secure their installations.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share