2 matches found
CVE-2021-36854
CVE-2021-36854 affects WordPress Booking Ultra Pro plugin versions up to 1.1.4. The root cause is missing CSRF checks in multiple areas, enabling CSRF to trigger actions by authenticated users. Impact per sources is user action changes with potential confidentiality/integrity concerns; exploitati...
CVE-2021-36854 WordPress Booking Ultra Pro plugin <= 1.1.4 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities
Multiple Cross-Site Request Forgery CSRF vulnerabilities in Booking Ultra Pro plugin = 1.1.4 at WordPress...