145 matches found
CVE-2025-49965
Cross-Site Request Forgery CSRF vulnerability in Oganro PixelBeds Channel Manager and Hotel Booking Engine pixelbeds-channel-manager-booking-engine allows Cross Site Request Forgery.This issue affects PixelBeds Channel Manager and Hotel Booking Engine: from n/a through = 1.0...
CVE-2025-49965
Cross-Site Request Forgery CSRF vulnerability in Oganro PixelBeds Channel Manager and Hotel Booking Engine pixelbeds-channel-manager-booking-engine allows Cross Site Request Forgery.This issue affects PixelBeds Channel Manager and Hotel Booking Engine: from n/a through = 1.0...
CVE-2025-49965 WordPress PixelBeds Channel Manager and Hotel Booking Engine plugin <= 1.0 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Oganro PixelBeds Channel Manager and Hotel Booking Engine allows Cross Site Request Forgery. This issue affects PixelBeds Channel Manager and Hotel Booking Engine: from n/a through 1.0...
CVE-2025-49965 WordPress PixelBeds Channel Manager and Hotel Booking Engine plugin <= 1.0 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Oganro PixelBeds Channel Manager and Hotel Booking Engine pixelbeds-channel-manager-booking-engine allows Cross Site Request Forgery.This issue affects PixelBeds Channel Manager and Hotel Booking Engine: from n/a through = 1.0...
CVE-2025-49965
CVE-2025-49965 is a CSRF vulnerability in WordPress PixelBeds Channel Manager and Hotel Booking Engine, affecting versions 1.0 and earlier. The issue enables cross-site requests initiated by a logged-in user with no privileges required, requiring user interaction. Public details confirm affected ...
WordPress plugin PixelBeds Channel Manager and Hotel Booking Engine 跨站请求伪造漏洞
WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in WordPress plugin...
CVE-2024-7647
The OTA Sync Booking Engine Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.7. This is due to missing or incorrect nonce validation on the otasyncwidgetsettingsfnc function. This makes it possible for unauthenticated attackers to...
CVE-2018-17842
SQL injection exists in Scriptzee Hotel Booking Engine 1.0 via the hotels hroomtype parameter...
CVE-2025-22670
Missing Authorization vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS vikbooking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through = 1.7.2...
CVE-2025-22670
Missing Authorization vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS vikbooking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through = 1.7.2...
CVE-2025-22670
CVE-2025-22670 describes a CSRF to Settings Change vulnerability in the WordPress VikBooking Hotel Booking Engine & PMS plugin. The issue affects VikBooking versions up to 1.7.2 (including 1.7.2 and earlier). It is classified with a CVSS v3.1 base score of 6.5 (Medium) and is described in connect...
CVE-2024-32563
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VikBooking Hotel Booking Engine & PMS allows Reflected XSS.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.6.7...
CVE-2024-53753
Cross-Site Request Forgery CSRF vulnerability in CultBooking CultBooking Hotel Booking Engine cultbooking-booking-engine allows Stored XSS.This issue affects CultBooking Hotel Booking Engine: from n/a through = 2.1...
WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.7.2 - CSRF to Settings Change vulnerability
CSRF to Settings Change vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin VikBooking Hotel Booking Engine & PMS versions = 1.7.2...
WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.7.2 - Cross-Site Request Forgery to Authenticated (Subscriber+) Arbitrary File Upload vulnerability
Cross-Site Request Forgery to Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by Noah Stead TurtleBurg in WordPress Plugin VikBooking Hotel Booking Engine & PMS versions = 1.7.2...
WordPress plugin VikBooking Hotel Booking Engine & PMS 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
CVE-2024-53753 WordPress CultBooking Hotel Booking Engine plugin <= 2.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in CultBooking CultBooking Hotel Booking Engine cultbooking-booking-engine allows Stored XSS.This issue affects CultBooking Hotel Booking Engine: from n/a through = 2.1...
CVE-2024-53753
CVE-2024-53753 is a vulnerability in the CultBooking Hotel Booking Engine (WordPress plugin) affecting versions
CVE-2024-53753 WordPress CultBooking Hotel Booking Engine plugin <= 2.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in CultBooking CultBooking Hotel Booking Engine allows Stored XSS.This issue affects CultBooking Hotel Booking Engine: from n/a through 2.1...
WordPress plugin CultBooking Hotel Booking Engine 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...