CVE-2023-48319 — Improper Privilege Management in Salon Booking System

CWE-269 — Improper Privilege Management3 documents3 sources

Severity

7.2HIGHNVD

CNA6.8

EPSS

0.2%

top 55.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Salonbookingsystem Salon Booking System Salon Booking System

Timeline

PublishedMay 17

Description

Improper Privilege Management vulnerability in Salon Booking System Salon booking system allows Privilege Escalation.This issue affects Salon booking system: from n/a through 8.6.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages2 packages

▶NVDsalonbookingsystem/salon_booking_system< 8.7

▶CVEListV5salon_booking_system/salon_booking_systemn/a — 8.6

🔴Vulnerability Details

GHSA

GHSA-hqrx-h9xj-6qqq: Improper Privilege Management vulnerability in Salon Booking System Salon booking system allows Privilege Escalation↗2024-05-17

▶

CVEList

WordPress Salon booking system plugin < 8.7 - Editor+ Privilege Escalation vulnerability↗2024-05-17

▶