Lucene search
K

145 matches found

RedhatCVE
RedhatCVE
added 2025/06/23 8:40 a.m.6 views

CVE-2025-49965

Cross-Site Request Forgery CSRF vulnerability in Oganro PixelBeds Channel Manager and Hotel Booking Engine pixelbeds-channel-manager-booking-engine allows Cross Site Request Forgery.This issue affects PixelBeds Channel Manager and Hotel Booking Engine: from n/a through = 1.0...

4.3CVSS5.9AI score0.00132EPSS
Exploits0References1
NVD
NVD
added 2025/06/20 3:15 p.m.7 views

CVE-2025-49965

Cross-Site Request Forgery CSRF vulnerability in Oganro PixelBeds Channel Manager and Hotel Booking Engine pixelbeds-channel-manager-booking-engine allows Cross Site Request Forgery.This issue affects PixelBeds Channel Manager and Hotel Booking Engine: from n/a through = 1.0...

4.3CVSS0.00132EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/20 3:4 p.m.3 views

CVE-2025-49965 WordPress PixelBeds Channel Manager and Hotel Booking Engine plugin <= 1.0 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Oganro PixelBeds Channel Manager and Hotel Booking Engine allows Cross Site Request Forgery. This issue affects PixelBeds Channel Manager and Hotel Booking Engine: from n/a through 1.0...

4.3CVSS4.6AI score0.00132EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/20 3:4 p.m.18 views

CVE-2025-49965 WordPress PixelBeds Channel Manager and Hotel Booking Engine plugin <= 1.0 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Oganro PixelBeds Channel Manager and Hotel Booking Engine pixelbeds-channel-manager-booking-engine allows Cross Site Request Forgery.This issue affects PixelBeds Channel Manager and Hotel Booking Engine: from n/a through = 1.0...

4.3CVSS0.00132EPSS
Exploits0References1
CVE
CVE
added 2025/06/20 3:4 p.m.19 views

CVE-2025-49965

CVE-2025-49965 is a CSRF vulnerability in WordPress PixelBeds Channel Manager and Hotel Booking Engine, affecting versions 1.0 and earlier. The issue enables cross-site requests initiated by a logged-in user with no privileges required, requiring user interaction. Public details confirm affected ...

4.3CVSS5.9AI score0.00132EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/20 12:0 a.m.5 views

WordPress plugin PixelBeds Channel Manager and Hotel Booking Engine 跨站请求伪造漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in WordPress plugin...

4.3CVSS6.4AI score0.00132EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:43 a.m.8 views

CVE-2024-7647

The OTA Sync Booking Engine Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.7. This is due to missing or incorrect nonce validation on the otasyncwidgetsettingsfnc function. This makes it possible for unauthenticated attackers to...

6.1CVSS6.4AI score0.00214EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:49 a.m.6 views

CVE-2018-17842

SQL injection exists in Scriptzee Hotel Booking Engine 1.0 via the hotels hroomtype parameter...

9.8CVSS8.1AI score0.02209EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/03/29 2:30 p.m.3 views

CVE-2025-22670

Missing Authorization vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS vikbooking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through = 1.7.2...

6.5CVSS7.2AI score0.00341EPSS
Exploits0References1
NVD
NVD
added 2025/03/27 3:15 p.m.5 views

CVE-2025-22670

Missing Authorization vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS vikbooking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through = 1.7.2...

6.5CVSS0.00341EPSS
Exploits0References1
CVE
CVE
added 2025/03/27 2:14 p.m.45 views

CVE-2025-22670

CVE-2025-22670 describes a CSRF to Settings Change vulnerability in the WordPress VikBooking Hotel Booking Engine & PMS plugin. The issue affects VikBooking versions up to 1.7.2 (including 1.7.2 and earlier). It is classified with a CVSS v3.1 base score of 6.5 (Medium) and is described in connect...

6.5CVSS7.2AI score0.00341EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:10 a.m.6 views

CVE-2024-32563

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VikBooking Hotel Booking Engine & PMS allows Reflected XSS.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.6.7...

7.1CVSS5.2AI score0.00394EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 10:25 p.m.7 views

CVE-2024-53753

Cross-Site Request Forgery CSRF vulnerability in CultBooking CultBooking Hotel Booking Engine cultbooking-booking-engine allows Stored XSS.This issue affects CultBooking Hotel Booking Engine: from n/a through = 2.1...

7.1CVSS7.2AI score0.00143EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/02/03 2:47 p.m.3 views

WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.7.2 - CSRF to Settings Change vulnerability

CSRF to Settings Change vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin VikBooking Hotel Booking Engine & PMS versions = 1.7.2...

6.5CVSS7AI score0.00341EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/01/27 11:2 p.m.3 views

WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.7.2 - Cross-Site Request Forgery to Authenticated (Subscriber+) Arbitrary File Upload vulnerability

Cross-Site Request Forgery to Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by Noah Stead TurtleBurg in WordPress Plugin VikBooking Hotel Booking Engine & PMS versions = 1.7.2...

8.8CVSS7AI score0.00334EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/01/26 12:0 a.m.3 views

WordPress plugin VikBooking Hotel Booking Engine & PMS 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

8.8CVSS8.8AI score0.00334EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/02 1:48 p.m.16 views

CVE-2024-53753 WordPress CultBooking Hotel Booking Engine plugin <= 2.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in CultBooking CultBooking Hotel Booking Engine cultbooking-booking-engine allows Stored XSS.This issue affects CultBooking Hotel Booking Engine: from n/a through = 2.1...

7.1CVSS0.00143EPSS
Exploits0References1
CVE
CVE
added 2024/12/02 1:48 p.m.55 views

CVE-2024-53753

CVE-2024-53753 is a vulnerability in the CultBooking Hotel Booking Engine (WordPress plugin) affecting versions

7.1CVSS7.2AI score0.00143EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/02 1:48 p.m.12 views

CVE-2024-53753 WordPress CultBooking Hotel Booking Engine plugin <= 2.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in CultBooking CultBooking Hotel Booking Engine allows Stored XSS.This issue affects CultBooking Hotel Booking Engine: from n/a through 2.1...

7.1CVSS6.8AI score0.00143EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/02 12:0 a.m.3 views

WordPress plugin CultBooking Hotel Booking Engine 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

7.1CVSS8.4AI score0.00143EPSS
Exploits0References1
Rows per page
Query Builder