WordPress ReDi Restaurant Reservation plugin <= 23.0211 - Broken Access Control vulnerability
CVE-2023-36510

7.3HIGH

Key Information:

Vendor: WordPress
Status: Redi Restaurant Reservation
Vendor: CVE Published:; 13 December 2024

What is CVE-2023-36510?

The ReDi Restaurant Reservation plugin is affected by a missing authorization vulnerability that arises from improperly configured access control security levels. This flaw allows unauthorized users to potentially exploit the system, gaining access to features and data that should be restricted. The affected versions, ranging from n/a up to 23.0211, may expose users to significant security risks if not addressed promptly. It is crucial for users of this plugin to review their configurations and implement necessary security measures.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

ReDi Restaurant Reservation <= 23.0211

References

https://patchstack.com/database/wordpress/plugin/redi-res...

vdb-entry

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 13, 2024
Vulnerability Reserved
Jun 22, 2023

Credit

Abdi Pranata (Patchstack Alliance)

JSON

WordPress