CVE-2023-37389
📋 TL;DR
This vulnerability allows unauthenticated attackers to escalate privileges in the SAASPROJECT Booking Package WordPress plugin. Attackers can gain administrative access without credentials, affecting all WordPress sites running vulnerable versions of this plugin.
💻 Affected Systems
- SAASPROJECT Booking Package WordPress Plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete site takeover with administrative privileges, allowing data theft, malware installation, defacement, and further network compromise.
Likely Case
Unauthenticated attackers gain administrative access to WordPress sites, enabling content manipulation, plugin/theme installation, and user data access.
If Mitigated
With proper access controls and monitoring, impact is limited to attempted privilege escalation that can be detected and blocked.
🎯 Exploit Status
Public exploit details available on Patchstack. Simple HTTP requests can trigger the vulnerability.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.5.99 or later
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find 'Booking Package' plugin. 4. Click 'Update Now' if available. 5. Alternatively, download latest version from WordPress repository and replace plugin files.
🔧 Temporary Workarounds
Disable Booking Package Plugin
allTemporarily disable the vulnerable plugin until patched
wp plugin deactivate booking-package
Restrict Plugin Access
allUse web application firewall to block requests to booking-package plugin endpoints
🧯 If You Can't Patch
- Implement strict network segmentation to isolate WordPress instances
- Deploy web application firewall with rules to detect privilege escalation attempts
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin → Plugins → Installed Plugins for Booking Package version 1.5.98 or earlierCheck Version:
wp plugin get booking-package --field=versionVerify Fix Applied:
Verify Booking Package plugin version is 1.5.99 or later in WordPress admin📡 Detection & Monitoring
Log Indicators:
- Unusual admin user creation/modification
- Failed login attempts followed by successful admin access from same IP
- HTTP requests to booking-package endpoints with privilege escalation parameters
Network Indicators:
- HTTP POST requests to /wp-admin/admin-ajax.php with action=booking_package_* from unauthenticated sources
- Unusual spikes in traffic to booking-package plugin endpoints
SIEM Query:
source="wordpress.log" AND ("booking-package" OR "booking_package") AND ("admin" OR "privilege" OR "escalation")🔗 References
- https://patchstack.com/database/vulnerability/booking-package/wordpress-booking-package-saasproject-plugin-1-5-98-unauthenticated-privilege-escalation-vulnerability?_s_id=cve
- https://patchstack.com/database/vulnerability/booking-package/wordpress-booking-package-saasproject-plugin-1-5-98-unauthenticated-privilege-escalation-vulnerability?_s_id=cve
