{
    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ID": "CVE-2023-36507",
        "ASSIGNER": "audit@patchstack.com",
        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Repute Infosystems BookingPress \u2013 Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress \u2013 Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.64.\n\n"
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                        "cweId": "CWE-200"
                    }
                ]
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "Repute Infosystems",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "BookingPress \u2013 Appointment Booking Calendar Plugin and Online Scheduling Plugin",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "not down converted",
                                            "x_cve_json_5_version_data": {
                                                "versions": [
                                                    {
                                                        "changes": [
                                                            {
                                                                "at": "1.0.65",
                                                                "status": "unaffected"
                                                            }
                                                        ],
                                                        "lessThanOrEqual": "1.0.64",
                                                        "status": "affected",
                                                        "version": "n/a",
                                                        "versionType": "custom"
                                                    }
                                                ],
                                                "defaultStatus": "unaffected"
                                            }
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "references": {
        "reference_data": [
            {
                "url": "https://patchstack.com/database/vulnerability/bookingpress-appointment-booking/wordpress-bookingpress-plugin-1-0-64-unauthenticated-server-information-disclosure-vulnerability?_s_id=cve",
                "refsource": "MISC",
                "name": "https://patchstack.com/database/vulnerability/bookingpress-appointment-booking/wordpress-bookingpress-plugin-1-0-64-unauthenticated-server-information-disclosure-vulnerability?_s_id=cve"
            }
        ]
    },
    "generator": {
        "engine": "Vulnogram 0.1.0-dev"
    },
    "source": {
        "discovery": "EXTERNAL"
    },
    "solution": [
        {
            "lang": "en",
            "supportingMedia": [
                {
                    "base64": false,
                    "type": "text/html",
                    "value": "Update to&nbsp;1.0.65 or a higher version."
                }
            ],
            "value": "Update to\u00a01.0.65 or a higher version."
        }
    ],
    "credits": [
        {
            "lang": "en",
            "value": "Paul Goodchild (Patchstack Alliance)"
        }
    ],
    "impact": {
        "cvss": [
            {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
            }
        ]
    }
}