CVE-2025-14075

The WP Hotel Booking plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.7. This is due to the plugin exposing the 'hotelbookingfetchcustomerinfo' AJAX action to unauthenticated users without proper capability checks, relying only on a...

CVE-2025-23911

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in solidres Solidres – Hotel booking plugin solidres allows SQL Injection.This issue affects Solidres – Hotel booking plugin: from n/a through = 0.9.4...

CVE-2025-63012

Cross-Site Request Forgery CSRF vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows Cross Site Request Forgery.This issue affects WP Hotel Booking: from n/a through = 2.2.8...

CVE-2025-63013

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows Retrieve Embedded Sensitive Data.This issue affects WP Hotel Booking: from n/a through = 2.2.7...

CVE-2025-63011

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows DOM-Based XSS.This issue affects WP Hotel Booking: from n/a through = 2.2.8...

CVE-2025-63013

CVE-2025-63013 affects the WordPress WP Hotel Booking plugin (wp-hotel-booking) versions up to and including 2.2.7. The documented issue is exposure of sensitive system information and the ability to retrieve embedded sensitive data, indicating a data-access exposure vulnerability. The root cause...

CVE-2025-63012 WordPress WP Hotel Booking plugin <= 2.2.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows Cross Site Request Forgery.This issue affects WP Hotel Booking: from n/a through = 2.2.8...

CVE-2025-63011 WordPress WP Hotel Booking plugin <= 2.2.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows DOM-Based XSS.This issue affects WP Hotel Booking: from n/a through = 2.2.8...

EUVD-2025-201997

Cross-Site Request Forgery CSRF vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows Cross Site Request Forgery.This issue affects WP Hotel Booking: from n/a through = 2.2.7...

CVE-2025-63012 WordPress WP Hotel Booking plugin <= 2.2.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows Cross Site Request Forgery.This issue affects WP Hotel Booking: from n/a through = 2.2.8...

WordPress plugin WP Hotel Booking 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2025-50031

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows DOM-Based XSS.This issue affects WP Hotel Booking: from n/a through = 2.2.7...

WordPress WP Hotel Booking plugin <= 2.2.7 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by daroo in WordPress Plugin WP Hotel Booking versions = 2.2.7...

EUVD-2024-48706

Malicious code in bioql PyPI...

EUVD-2025-3526

Malicious code in bioql PyPI...

EUVD-2022-33781

Malicious code in bioql PyPI...

EUVD-2024-45690

Malicious code in bioql PyPI...

CVE-2025-58661

Technical details not publicly provided in the supplied documents for CVE-2025-58661 (eZee Online Hotel Booking Engine). Update with affected versions, impact, and remediation when available.

CVE-2025-8942 WP Hotel Booking < 2.2.3 - Subscriber+ Rating Manipulation

The WP Hotel Booking WordPress plugin before 2.2.3 lacks proper server-side validation for review ratings, allowing an attacker to manipulate the rating value e.g., sending negative or out-of-range values by intercepting and modifying requests...

CVE-2024-51895

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pankaj9296 Minical Hotel Booking Plugin minical allows Stored XSS.This issue affects Minical Hotel Booking Plugin: from n/a through = 1.0.2...