7 matches found
CVE-2026-0658
The Five Star Restaurant Reservations WordPress plugin before 2.7.9 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting bookings via CSRF attacks...
CVE-2026-0658
The Five Star Restaurant Reservations WordPress plugin before 2.7.9 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting bookings via CSRF attacks...
PT-2026-5611
The Five Star Restaurant Reservations WordPress plugin before 2.7.9 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting bookings via CSRF attacks...
CVE-2025-10124
CVE-2025-10124 concerns the Booking Manager WordPress plugin, version
PT-2025-41504
Name of the Vulnerable Software and Affected Versions The Booking Manager WordPress plugin versions prior to 2.1.15 Description The Booking Manager WordPress plugin has an issue where a shortcode capable of deleting bookings is registered and accessible to users with contributor privileges or...
Unspecified vulnerability in Listeo WordPress plugin (CNVD-2021-44295)
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . Listeo WordPress has a security vulnerability before...
CVE-2021-24318
The Listeo WordPress theme before 1.6.11 did not ensure that the Post/Page and Booking to delete belong to the user making the request, allowing any authenticated users to delete arbitrary page/post and booking via an IDOR vector...