PT-2024-17412 · WordPress · Tourfic – Ultimate Hotel Booking
Name of the Vulnerable Software and Affected Versions: Tourfic – Ultimate Hotel Booking, Travel Booking & Apartment Booking WordPress Plugin versions up to, and including, 2.15.3 Description: The issue is related to SQL Injection via the enquiry id parameter of the tf enquiry reply email callback...