Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

CVE
CVEadded 2026/01/22 4:52 p.m.12 views

CVE-2025-68027

CVE-2025-68027 : The Hydra Booking (Themefic Hydra Booking) WordPress plugin suffers an unauthenticated privilege escalation due to an incorrect privilege assignment in versions up to 1.1.32. The vulnerability enables elevation of privileges within Hydra Booking (hydra-booking) as described in pu...

7.3CVSS5.4AI score0.0028EPSS
Exploits0References1
GithubExploit
GithubExploitadded 2025/12/19 10:1 a.m.198 views

Exploit for CVE-2025-68055

CVE-2025-68055 Authenticated SQL injection in Hydra Booking...

8.5CVSS8.1AI score0.00286EPSS
Exploits1
CNNVD
CNNVDadded 2025/12/16 12:0 a.m.7 views

WordPress plugin Hydra Booking SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL...

8.5CVSS7.5AI score0.00286EPSS
Exploits1References1
CVE
CVEadded 2025/11/11 11:3 a.m.14 views

CVE-2025-12787

CVE-2025-12787 affects Hydra Booking — Appointment Scheduling & Booking Calendar (WordPress) up to version 1.1.27, allowing unauthenticated cancellation of arbitrary bookings. The root cause is insufficiently random cancellation tokens combined with a globally shared nonce in the tfhb_meeting_for...

5.3CVSS5.7AI score0.00255EPSS
Exploits0References2
CVE
CVEadded 2025/10/22 2:32 p.m.6 views

CVE-2025-49378

CVE-2025-49378 affects the WordPress Hydra Booking plugin, up to version

8.5CVSS7.3AI score0.00363EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/10/22 12:0 a.m.2 views

WordPress plugin Hydra Booking 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

6.3CVSS6.6AI score0.00201EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.6 views

EUVD-2025-22981

Malicious code in bioql PyPI...

8.8CVSS6.4AI score0.00336EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/07/31 10:6 a.m.8 views

CVE-2025-7689

The Hydra Booking plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the tfhbresetpasswordcallback function in versions 1.1.0 to 1.1.18. This makes it possible for authenticated attackers, with Subscriber-level access and above, to reset the password o...

8.8CVSS6.3AI score0.00336EPSS
Exploits0References1
CVE
CVEadded 2025/07/29 9:23 a.m.22 views

CVE-2025-7689

CVE-2025-7689 – Hydra Booking (WordPress) : The Hydra Booking plugin versions 1.1.0 to 1.1.18 are affected by a privilege-escalation flaw caused by a missing capability check in the tfhb_reset_password_callback() function. This vulnerability allows authenticated users with Subscriber-level access...

8.8CVSS6.4AI score0.00336EPSS
Exploits0References3
CNNVD
CNNVDadded 2025/07/29 12:0 a.m.3 views

WordPress plugin Hydra Booking 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS6.3AI score0.00336EPSS
Exploits0References3
Rows per page
Query Builder