CVSS 3.1 Score 7.1 of 10 (high)


Published Oct 17, 2023
Updated: Oct 24, 2023


CVE-2023-45006 is a vulnerability known as Unauth. Reflected Cross-Site Scripting (XSS) in the ByConsole WooODT Lite – WooCommerce Order Delivery or Pickup with Date Time Location plugin version 2.4.6 and below. This vulnerability affects various products, including tHubOw, tHubOi, tHubOj, and others. The risk score for this vulnerability is 25, with a base severity of HIGH and a base score of 7.1 according to the CVSS:3.1 rating. The exploitability score is 2.8, and user interaction is required for the attack. The potential danger of this vulnerability lies in the unauthorized execution of malicious scripts, which could compromise the integrity and confidentiality of an organization's web page content. It is important to apply the necessary patches or updates to remediate this vulnerability and protect against potential attacks.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-45006 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options