PT-2024-12034 · Wpdevart · Wpdevart Booking Calendar

Yuyudhn

Published

2024-12-09

Updated

2024-12-09

CVE-2023-24407

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions WpDevArt Booking calendar, Appointment Booking System versions 3.2.3 and earlier

Description The issue affects the WpDevArt Booking calendar, Appointment Booking System due to a Missing Authorization vulnerability. This vulnerability allows exploitation of incorrectly configured access control security levels.

Recommendations For versions 3.2.3 and earlier, update to a version that contains a fix for this issue, as no specific workaround is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2023-24407

Affected Products

Wpdevart Booking Calendar

PT-2024-12034 · Wpdevart · Wpdevart Booking Calendar

CVE-2023-24407

Weakness Enumeration

Related Identifiers

Affected Products

References · 5