2 matches found
CVE-2025-12787
The Hydra Booking — Appointment Scheduling & Booking Calendar plugin for WordPress is vulnerable to unauthorized booking cancellation in all versions up to, and including, 1.1.27. This is due to the plugin's "tfhbmeetingformsubmitcallback" function using insufficiently random values to generate...
PT-2025-46322
Name of the Vulnerable Software and Affected Versions Hydra Booking — Appointment Scheduling & Booking Calendar plugin for WordPress versions prior to 1.1.28 Description The Hydra Booking plugin for WordPress is susceptible to unauthorized booking cancellations. This is caused by the use of...