CVE-2023-48319

Improper Privilege Management vulnerability in Salon Booking System Salon booking system allows Privilege Escalation.This issue affects Salon booking system: from n/a through 8.6.

CVSS v3 6.8 MEDIUM

6.8^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-8-7-editor-privilege-escalation-vulnerability?_s_id=cve	Third Party Advisory
https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-8-7-editor-privilege-escalation-vulnerability?_s_id=cve	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:salonbookingsystem:salon_booking_system:*:*:*:*:*:wordpress:*:*

History

15 Apr 2025, 20:56

Type	Values Removed	Values Added
References	~~() https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-8-7-editor-privilege-escalation-vulnerability?_s_id=cve -~~	() https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-8-7-editor-privilege-escalation-vulnerability?_s_id=cve - Third Party Advisory
First Time		Salonbookingsystem Salonbookingsystem salon Booking System
CWE		NVD-CWE-noinfo
CPE		cpe:2.3:a:salonbookingsystem:salon_booking_system::::::wordpress::*

21 Nov 2024, 08:31

Type	Values Removed	Values Added
Summary		(es) Vulnerabilidad de gestión de privilegios incorrecta en Salon Booking System. Salon booking system permite la escalada de privilegios. Este problema afecta al sistema de reservas de salones: desde n/a hasta 8.6.
References	~~() https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-8-7-editor-privilege-escalation-vulnerability?_s_id=cve -~~	() https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-8-7-editor-privilege-escalation-vulnerability?_s_id=cve -

17 May 2024, 09:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-17 09:15

Updated : 2025-04-15 20:56

NVD link : CVE-2023-48319

Mitre link : CVE-2023-48319

CVE.ORG link : CVE-2023-48319

JSON object : View

Products Affected

salonbookingsystem

salon_booking_system

CWE

CWE-269

Improper Privilege Management

NVD-CWE-noinfo

6.8 /10