Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2026/06/05 7:24 p.m.9 views

CVE-2026-8684

The MotoPress Hotel Booking plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 6.0.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to overwrite or...

5.3CVSS5.5AI score0.00278EPSS
Exploits0References1
Patchstack
Patchstackadded 2026/01/07 12:12 p.m.7 views

WordPress Awesome Hotel Booking plugin <= 1.0 - Incorrect Authorization to Unauthenticated Arbitrary Booking Modification vulnerability

Incorrect Authorization to Unauthenticated Arbitrary Booking Modification vulnerability discovered by Itthidej Aramsri Boeing777 in WordPress Plugin Awesome Hotel Booking versions = 1.0...

5.3CVSS6.8AI score0.00236EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2026/01/07 9:20 a.m.12 views

CVE-2025-14352

CVE-2025-14352 affects the WordPress plugin Awesome Hotel Booking. The Wordfence report confirms unauthorized modification of data due to insufficient authorization checks in the room-single.php shortcode handler, relying on nonce verification alone. This allows unauthenticated attackers to modif...

5.3CVSS6AI score0.00236EPSS
Exploits0References2
Patchstack
Patchstackadded 2026/01/06 8:13 a.m.6 views

WordPress Timetics plugin <= 1.0.36 - Missing Authorization to Unauthenticated Booking Details View And Modification vulnerability

Missing Authorization to Unauthenticated Booking Details View And Modification vulnerability discovered by greenhats - Student in WordPress Plugin Timetics versions = 1.0.36...

6.5CVSS6.8AI score0.0021EPSS
Exploits0References1Affected Software1
CNNVD
CNNVDadded 2025/05/15 12:0 a.m.2 views

WordPress plugin EventPrime 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS5.5AI score0.00257EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2023/04/24 12:0 a.m.2 views

PT-2023-16775 · WordPress · Wp Fevents Book

Name of the Vulnerable Software and Affected Versions: WP FEvents Book WordPress plugin versions 0.46 and earlier Description: The issue allows any authenticated user to book, add notes, or cancel bookings on behalf of other users, as the plugin does not ensure that bookings to be updated belong ...

6.5CVSS6.9AI score0.00555EPSS
Exploits2References6
OSV
OSVadded 2022/04/04 4:15 p.m.2 views

CVE-2022-0825

The Amelia WordPress plugin before 1.0.49 does not have proper authorisation when managing appointments, allowing any customer to update other's booking status, as well as retrieve sensitive information about the bookings, such as the full name and phone number of the person who booked it...

5.4CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder