What the vulnerability does
01Description
Unauthenticated Privilege Escalation in WP BASE Booking <= 5.9.0 versions.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
What the vulnerability does
Unauthenticated Privilege Escalation in WP BASE Booking <= 5.9.0 versions.
Explanation of Vulnerability in Simple Terms
WP BASE Booking versions up to 5.9.0 contain a privilege escalation vulnerability that allows unauthenticated attackers to gain high-level access to the booking system. The vulnerability requires specific network conditions to exploit but does not require user interaction. Successful exploitation grants attackers the ability to read sensitive booking data, modify reservations, and disrupt service availability.
What an attacker can do
Gain unauthorized access to read, modify, or delete booking data without authentication.
Potential impact on your site
Attackers can access customer booking information, alter reservations, and cause booking system downtime without needing valid credentials.
Conditions required to exploit
Network access to the site; no user authentication or interaction required, but exploitation requires specific network conditions.
Key dates
External resources
Related vulnerabilities