3 matches found
CVE-2024-4314 hostel <= 1.1.5.3 - Cross-Site Request Forgery
The Hostel plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.5.3. This is due to missing or incorrect nonce validation when managing rooms. This makes it possible for unauthenticated attackers to create and delete rooms via a forged request...
CVE-2024-4314 hostel <= 1.1.5.3 - Cross-Site Request Forgery
The Hostel plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.5.3. This is due to missing or incorrect nonce validation when managing rooms. This makes it possible for unauthenticated attackers to create and delete rooms via a forged request...
WordPress Hostel Plugin <= 1.1.5.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software Hostel Type Plugin Vulnerable versions = 1.1.5.3 Fixed in 1.1.5.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-4314 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 5c8220b39532 Credits Benedictus Jovan aillesiM...