CVE-2025-69056

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins Hotel Listing hotel-listing allows Reflected XSS.This issue affects Hotel Listing: from n/a through = 1.4.0...

CVE-2025-69185

Missing Authorization vulnerability in e-plugins Hotel Listing hotel-listing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hotel Listing: from n/a through = 1.4.2...

CVE-2025-69056

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins Hotel Listing hotel-listing allows Reflected XSS.This issue affects Hotel Listing: from n/a through = 1.4.0...

CVE-2025-69185 WordPress Hotel Listing plugin <= 1.4.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in e-plugins Hotel Listing hotel-listing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hotel Listing: from n/a through = 1.4.2...

CVE-2025-69185

The CVE-2025-69185 entry maps to a Missing Authorization / Broken Access Control vulnerability in the WordPress Hotel Listing plugin (versions

CVE-2025-69056

CVE-2025-69056 is a Reflected XSS in the WordPress Hotel Listings plugin (hotel-listing) for Hotel Listing, affecting versions up to and including 1.4.0. Root cause: improper input neutralization during web page generation. Impact per sources: potential exposure of confidential/integrity/availabi...

CVE-2025-69056

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins Hotel Listing hotel-listing allows Reflected XSS.This issue affects Hotel Listing: from n/a through = 1.4.0...

CVE-2025-68059 WordPress Hotel Listing plugin <= 1.4.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in e-plugins Hotel Listing hotel-listing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hotel Listing: from n/a through = 1.4.2...

WordPress plugin Hotel Listing cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

PT-2026-4074

Name of the Vulnerable Software and Affected Versions e-plugins Hotel Listing versions through 1.4.2 Description The software contains a missing authorization issue related to incorrectly configured access control security levels. This allows for exploitation of the system. Recommendations Update...

PT-2026-4144

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins Hotel Listing hotel-listing allows Reflected XSS.This issue affects Hotel Listing: from n/a through = 1.4.0...

WordPress plugin “Hotel Listing” has security vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

WordPress plugin “Hotel Listing” has security vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

CVE-2025-58710

Incorrect Privilege Assignment vulnerability in e-plugins Hotel Listing hotel-listing allows Privilege Escalation.This issue affects Hotel Listing: from n/a through = 1.4.0...

PT-2025-52057

Name of the Vulnerable Software and Affected Versions e-plugins Hotel Listing versions through 1.4.0 Description An incorrect privilege assignment exists in the Hotel Listing plugin, potentially allowing privilege escalation. The issue is present in the hotel-listing component. Recommendations...

WordPress Hotel Listing plugin <= 1.4.0 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Hotel Listing versions = 1.4.0...

WordPress Hotel Listing Plugin < 1.3.7 is vulnerable to Privilege Escalation

Software Hotel Listing Type Plugin Vulnerable versions 1.3.7 Fixed in 1.3.7 OWASP Top 10 A5: Broken Access Control Classification Privilege Escalation CVE CVE-2020-36666 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 6e712961c58d Credits Omar Badran Required privilege...