3 matches found
CVE-2023-0768 Avirato hotels online booking engine <= 5.0.5 - Subscriber+ SQLi
The Avirato hotels online booking engine WordPress plugin through 5.0.5 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks...
CVE-2023-0768
CVE-2023-0768 affects the Avirato hotels online booking engine WordPress plugin (
WordPress Avirato hotels online booking engine Plugin <= 5.0.5 is vulnerable to SQL Injection
Software Avirato hotels online booking engine Type Plugin Vulnerable versions = 5.0.5 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-0768 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 529cd2a74d04 Credits István Márton Required...