WordPress Plugin Vulnerabilities

BookIt < 2.3.8 - Authentication Bypass

Description

The plugin does not perform any authorisation check when a user book an appointment using an email from an existing account, allowing unauthenticated attackers to login as any user from the blog by providing their email address

Proof of Concept

Affects Plugins

Plugin icon
bookit
Fixed in 2.3.8

References

CVE
CVE-2023-2834
URL
https://www.wordfence.com/blog/2023/06/stylemixthemes-addresses-authentication-bypass-vulnerability-in-bookit-wordpress-plugin/

Classification

Type
AUTHBYPASS
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-287
CVSS
9.8 (critical)

Miscellaneous

Original Researcher
Lana Codes
Verified
Yes
WPVDB ID
4c6c602b-ba80-46c3-a86d-20c1a0632aa3

Timeline

Publicly Published
2023-06-20 (about 2 years ago)
Added
2023-06-21 (about 2 years ago)
Last Updated
2023-06-21 (about 2 years ago)

Other

Published
Title
Published
2025-07-11
Title
Simple Link Directory < 14.8.1 - Authentication Bypass
Published
2014-08-01
Title
Spam Free Plugin 1.9.2 - IP Blocklist Restriction Bypass
Published
2016-06-28
Title
MemberSonic Lite < 1.302 - Authentication Bypass
Published
2022-09-05
Title
OAuth client Single Sign On for WordPress < 3.0.4 - Unauthenticated Settings Update to Authentication Bypass
Published
2023-05-24
Title
MStore API < 3.9.3 - Authentication Bypass