CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-4703

The All in One B2B for WooCommerce WordPress plugin through 1.0.3 does not properly validate parameters when updating user details, allowing an unauthenticated attacker to update the details of any user. Updating the password of an Admin user leads to privilege escalation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.8%

CVSS Severity

CVSS v3 Score 7.5

References

https://wpscan.com/vulnerability/83278bbb-90e6-4465-a46d-60b4c703c11a/
https://wpscan.com/vulnerability/83278bbb-90e6-4465-a46d-60b4c703c11a/

Products affected by CVE-2023-4703

All In One B2b For Woocommerce Project » All In One B2b For Woocommerce » Version: 1.0.3

cpe:2.3:a:all_in_one_b2b_for_woocommerce_project:all_in_one_b2b_for_woocommerce:1.0.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-4703

Products

Pricing

Contact Us