CVE-2023-1977

EUVD-2023-24157
The Booking Manager WordPress plugin before 2.0.29 does not validate URLs input in it's admin panel or in shortcodes for showing events from a remote .ics file, allowing an attacker with privileges as low as Subscriber to perform SSRF attacks on the sites internal network.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
Affected Products (NVD)
VendorProductVersion
opluginsbooking_manager
𝑥
< 2.0.29
𝑥
= Vulnerable software versions
References
https://wpscan.com/vulnerability/842f3b1f-395a-4ea2-b7df-a36f70e8c790
https://wpscan.com/vulnerability/842f3b1f-395a-4ea2-b7df-a36f70e8c790