3 matches found
ND Booking < 2.5 - Unauthenticated Options Change
The Hotel Booking WordPress plugin ND Booking 2.5 was affected by an Unauthenticated Options Change security vulnerability. id: CVE-2019-15774 info: name: ND Booking 2.5 - Unauthenticated Options Change author: popcorn94 severity: medium description: | The Hotel Booking WordPress plugin ND Bookin...
CVE-2019-15774
ND Booking (WordPress plugin)
VulnCheck KEV: CVE-2019-15774
The nd-booking plugin before 2.5 for WordPress has a nopriv AJAX action that allows modification of the siteurl setting...