Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical0

High0

Medium2

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2024-11-21

CVE-2023-3125 - B2bking Plugin

The B2BKing plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'b2bking_save_price_import' function in versions up to, and including, 4.6.00. This makes it possible for Authenticated attackers with subscriber or customer-level permissions to modify the pricing of any product on the site.

PLUGIN B2bking

CVE-2023-3125

MEDIUM CVSS 6.5 2023-06-07

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2024-11-21

CVE-2023-3126 - B2bking Plugin

The B2BKing plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'b2bkingdownloadpricelist' function in versions up to, and including, 4.6.00. This makes it possible for Authenticated attackers with subscriber or customer-level permissions to retrieve the full pricing list of all products on the site.

PLUGIN B2bking

CVE-2023-3126

MEDIUM CVSS 4.3 2023-06-07

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2023-3125 - B2bking Plugin

CVE-2023-3126 - B2bking Plugin

Company Links

Contact Us