CVE-2023-5799

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Nov 20, 2023

Updated: Nov 27, 2023

CWE ID 863

Summary

CVE-2023-5799 is a vulnerability affecting the WP Hotel Booking plugin for WordPress. This issue allows Contributor and higher role users to delete posts that do not belong to them, due to insufficient authorization checks during the deletion process of a package. This can lead to unintended data modification and potential security risks for WordPress sites running the vulnerable plugin version before 2.0.8.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tJbFx6
https://www.cve.org/CVERecord?id=CVE-2023-5799
https://nvd.nist.gov/vuln/detail/CVE-2023-5799

Back to Vulnerability Database

CVE-2023-5799

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations