WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. The WordPress Plugin Online Hotel Booking System Pro version 1.2 is vulnerable to SQL injection, which results from the manipulation of the parameter tid to cause SQL injection. An attacker could exploit this vulnerability to conduct SQL injection attacks.