CVE-2023-24373

Name of the Vulnerable Software and Affected Versions WpDevArt Booking calendar, Appointment Booking System versions 3.2.3 and earlier

Description The issue affects the WpDevArt Booking calendar, Appointment Booking System, allowing manipulation of hidden fields due to an External Control of Assumed-Immutable Web Parameter vulnerability. This enables an attacker to modify assumed-immutable web parameters, potentially leading to unauthorized access or data manipulation.

Recommendations For versions 3.2.3 and earlier, update to a version later than 3.2.3 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.