Cyber Resilience

CVE-2023-4703

HighPublic PoC

Published: 16 January 2024

Published
16 January 2024
Modified
20 June 2025
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score 0.0026 49.7th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2023-4703 is a high-severity an unspecified weakness vulnerability in All In One B2B For Woocommerce Project All In One B2B For Woocommerce. Its CVSS base score is 7.5 (High).

Operationally, ranked at the 49.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

EU & UK References

Vulnerability details

The All in One B2B for WooCommerce WordPress plugin through 1.0.3 does not properly validate parameters when updating user details, allowing an unauthenticated attacker to update the details of any user. Updating the password of an Admin user leads to…

more

privilege escalation.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

all in one b2b for woocommerce project
all in one b2b for woocommerce
≤ 1.0.3

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References