CVE-2023-51511 — Improper Authentication in LLC Booster Elite FOR Woocommerce

CWE-287 — Improper Authentication3 documents3 sources

Severity

6.5MEDIUMNVD

EPSS

0.3%

top 49.87%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Pluggabl LLC Booster Elite FOR Woocommerce Booster FOR Woocommerce

Timeline

PublishedJun 4

Description

Improper Authentication vulnerability in Pluggabl LLC Booster Elite for WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Booster Elite for WooCommerce: from n/a before 7.1.3.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5pluggabl_llc/booster_elite_for_woocommercen/a — 7.1.3

▶NVDbooster/booster< 7.1.3

🔴Vulnerability Details

GHSA

GHSA-98p9-rpw9-qmj6: Improper Authentication vulnerability in Pluggabl LLC Booster Elite for WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs↗2024-06-04

▶

CVEList

WordPress Booster Elite for WooCommerce plugin < 7.1.3 - Authenticated Production Creation/Modification Vulnerability↗2024-06-04

▶