3 matches found
CVE-2025-14352
The Awesome Hotel Booking plugin for WordPress is vulnerable to unauthorized modification of data due to incorrect authorization in the room-single.php shortcode handler in all versions up to, and including, 1.0.3. This is due to the plugin relying solely on nonce verification without capability...
CVE-2025-14352
creationtimestamp| type| source ---|---|--- 2026-01-07 11:22:12+00:00| seen| https://gist.github.com/Darkcrai86/91b95fd86b4fed0e24547f3c2846a067...
CVE-2025-14352 Awesome Hotel Booking <= 1.0.3 - Incorrect Authorization to Unauthenticated Arbitrary Booking Modification
The Awesome Hotel Booking plugin for WordPress is vulnerable to unauthorized modification of data due to incorrect authorization in the room-single.php shortcode handler in all versions up to, and including, 1.0.3. This is due to the plugin relying solely on nonce verification without capability...