WordPress Awesome Hotel Booking plugin <= 1.0 - Incorrect Authorization to Unauthenticated Arbitrary Booking Modification vulnerability

Incorrect Authorization to Unauthenticated Arbitrary Booking Modification vulnerability discovered by Itthidej Aramsri Boeing777 in WordPress Plugin Awesome Hotel Booking versions = 1.0...

CVE-2025-14352

CVE-2025-14352 affects the WordPress plugin Awesome Hotel Booking. The Wordfence report confirms unauthorized modification of data due to insufficient authorization checks in the room-single.php shortcode handler, relying on nonce verification alone. This allows unauthenticated attackers to modif...

WordPress Timetics plugin <= 1.0.36 - Missing Authorization to Unauthenticated Booking Details View And Modification vulnerability

Missing Authorization to Unauthenticated Booking Details View And Modification vulnerability discovered by greenhats - Student in WordPress Plugin Timetics versions = 1.0.36...

WordPress plugin EventPrime 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2023-16775 · WordPress · Wp Fevents Book

Name of the Vulnerable Software and Affected Versions: WP FEvents Book WordPress plugin versions 0.46 and earlier Description: The issue allows any authenticated user to book, add notes, or cancel bookings on behalf of other users, as the plugin does not ensure that bookings to be updated belong ...

CVE-2022-0825

The Amelia WordPress plugin before 1.0.49 does not have proper authorisation when managing appointments, allowing any customer to update other's booking status, as well as retrieve sensitive information about the bookings, such as the full name and phone number of the person who booked it...