Unrated severityNVD Advisory· Published Jan 16, 2024· Updated Jun 20, 2025
All in One B2B for WooCommerce <= 1.0.3 - Unauthenticated Privilege Escalation
CVE-2023-4703
Description
The All in One B2B for WooCommerce WordPress plugin through 1.0.3 does not properly validate parameters when updating user details, allowing an unauthenticated attacker to update the details of any user. Updating the password of an Admin user leads to privilege escalation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/All in One B2B for WooCommercedescription
- Range: <=1.0.3
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/83278bbb-90e6-4465-a46d-60b4c703c11a/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.