Reversing WordPress CVEs: Baby Steps
Other
While searching for fun CVEs in Wordpress Plugins, CVE-2023–2834 caught our eye. The plugin Bookit was vulnerable to an Authentication Bypass. As per Patchstack, this was a CVSS 9.8 issue, meaning it was quite impactful! Hence, me and Arpeet Rathi decided to take a look.
https://infosecwriteups.com/reversing-wordpress-cves-baby-steps-1069feb50dd4