Vulnerability Details CVE-2019-15819
The nd-restaurant-reservations plugin before 1.5 for WordPress has no requirement for nd_rst_import_settings_php_function authentication.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 78.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://blog.nintechnet.com/privilege-escalation-vulnerability-in-wordpress-nd-restaurant-reservations-plugin/
- https://wordpress.org/plugins/nd-restaurant-reservations/#developers
- https://wpvulndb.com/vulnerabilities/9501
- https://blog.nintechnet.com/privilege-escalation-vulnerability-in-wordpress-nd-restaurant-reservations-plugin/
- https://wordpress.org/plugins/nd-restaurant-reservations/#developers
- https://wpvulndb.com/vulnerabilities/9501
Products affected by CVE-2019-15819
-
cpe:2.3:a:restaurant_reservations_project:restaurant_reservations:-
-
cpe:2.3:a:restaurant_reservations_project:restaurant_reservations:1.0
-
cpe:2.3:a:restaurant_reservations_project:restaurant_reservations:1.1
-
cpe:2.3:a:restaurant_reservations_project:restaurant_reservations:1.2
-
cpe:2.3:a:restaurant_reservations_project:restaurant_reservations:1.3