CVE-2023-49758

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Dec 9, 2024
CWE ID 862

Summary

CVE-2023-49758 is a Missing Authorization vulnerability affecting the Roland Murg WP Booking System from versions n/a through 2.0.19.2. Attackers can exploit this issue by manipulating incorrectly configured access control security levels, allowing unauthorized access and potential data compromise. The vulnerability can lead to serious consequences, including unintended modifications or disclosures of sensitive information. Users are strongly advised to update their WP Booking System plugins to the latest version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • WordPress WP Booking System

Affected Vendors

  • WordPress