CVSS 3.1 Score 5.4 of 10 (medium)


Published Feb 10, 2024
Updated: Feb 16, 2024


CVE-2024-23517 is a vulnerability that affects the Start Booking Scheduling Plugin – Online Booking for WordPress, specifically versions from n/a through 3.5.10. The vulnerability is categorized as "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')". This means that there is a risk of Stored XSS attacks. The base severity of this vulnerability is considered MEDIUM, with a base score of 5.4. The exploitability score is 2.3, and the impact score is 2.7. The privileges required for exploitation are low, and user interaction is required. This vulnerability has a low integrity and confidentiality impact, and no availability impact. The recommended remediation for this vulnerability is to update the affected plugin to a version that addresses the issue.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-23517 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options