4 matches found
CVE-2023-50840
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wpdevelop, oplugins Booking Manager.This issue affects Booking Manager: from n/a through 2.1.5...
CVE-2023-50840
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wpdevelop, oplugins Booking Manager.This issue affects Booking Manager: from n/a through 2.1.5...
CVE-2023-50840
CVE-2023-50840 is a WordPress Booking Manager plugin vulnerability. The issue is an SQL Injection in the Booking Manager component, exploitable via a shortcode and requiring at least Authenticated (Contributor+) access. Affected versions are Booking Manager: from n/a through 2.1.5. Vendors have r...
WordPress Booking Manager Plugin <= 2.1.5 is vulnerable to SQL Injection
Software Booking Manager Type Plugin Vulnerable versions = 2.1.5 Fixed in 2.1.6 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-50840 Patch priority Medium CVSS severity Medium 8.5 Developer Claim ownership PSID 1f8bbef81167 Credits Ngô Thiên An ancorn from VNPT-VCI Required...