CVE-2023-36507
WordPress BookingPress Plugin <= 1.0.64 is vulnerable to Sensitive Data Exposure
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.64.
Exposición de información confidencial a una vulnerabilidad de actor no autorizado en Repute Infosystems BookingPress: Appointment Booking Calendar Plugin and Online Scheduling Plugin. Este problema afecta a BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: desde n/a hasta 1.0.64.
The BookingPress plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.0.64. This can allow unauthenticated attackers to extract sensitive data.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2023-06-22 CVE Reserved
- 2023-07-13 CVE Published
- 2023-12-07 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (1)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Reputeinfosystems Search vendor "Reputeinfosystems" | Bookingpress Search vendor "Reputeinfosystems" for product "Bookingpress" | <= 1.0.64 Search vendor "Reputeinfosystems" for product "Bookingpress" and version " <= 1.0.64" | wordpress |
Affected
| ||||||