Lucene search
K

16 matches found

EUVD
EUVD
added 15 hours ago6 views

EUVD-2026-43149

The WP Hotel Booking plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in all versions up to, and including, 2.3.1. This is due to the webhookprocesspaypalstandard IPN handler selecting its PayPal validation endpoint from the attacker-controlled $REQUEST'testipn...

5.3CVSS6.1AI score
Exploits0References10
CVE
CVE
added 2026/06/19 6:0 a.m.23 views

CVE-2026-9822

The CVE-2026-9822 entry concerns the WP Hotel Booking WordPress plugin prior to version 2.3.1. Root cause: missing capability checks in several AJAX handlers. Impact: authenticated users with Subscriber-level access can read other users’ booking line items, enumerate active coupons, and read pric...

6.5CVSS5.8AI score0.00201EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.5 views

WordPress plugin Hotel Booking 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.3CVSS6.6AI score0.00176EPSS
Exploits0References1
NVD
NVD
added 2025/12/09 4:18 p.m.3 views

CVE-2025-63013

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows Retrieve Embedded Sensitive Data.This issue affects WP Hotel Booking: from n/a through = 2.2.7...

4.3CVSS0.00223EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.3 views

PT-2025-50032

Cross-Site Request Forgery CSRF vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows Cross Site Request Forgery.This issue affects WP Hotel Booking: from n/a through = 2.2.7...

6.9AI score0.00111EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-29843

Malicious code in bioql PyPI...

9.1CVSS6.4AI score0.00276EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/06/27 1:21 p.m.2 views

CVE-2025-53259 WordPress Hotel Booking plugin <= 3.7 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in nicdark Hotel Booking nd-booking allows PHP Local File Inclusion.This issue affects Hotel Booking: from n/a through = 3.7...

7.5CVSS5.3AI score0.00477EPSS
Exploits0References1
CVE
CVE
added 2025/06/27 1:21 p.m.22 views

CVE-2025-53259

CVE-2025-53259 affects the nicdark Hotel Booking WordPress plugin (versions n/a through 3.7) and is a Local File Inclusion due to improper control of filename in PHP Include/Require. The vulnerability enables access to local files via PHP inclusion, with potential impact on confidentiality, integ...

7.5CVSS5.9AI score0.00477EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/07 2:19 p.m.9 views

CVE-2025-47498 WordPress Hotel Booking <= 3.6 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in nicdark Hotel Booking allows PHP Local File Inclusion. This issue affects Hotel Booking: from n/a through 3.6...

7.5CVSS7.7AI score0.0061EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/22 12:0 a.m.4 views

PT-2025-2175 · WordPress · Wp Hotel Booking

Name of the Vulnerable Software and Affected Versions: WP Hotel Booking plugin for WordPress versions up to, and including, 2.1.6 Description: The issue is related to unauthorized access of data due to a missing capability check on the hotel booking load order user AJAX action. This allows...

4.3CVSS7AI score0.00347EPSS
Exploits0References11
OSV
OSV
added 2024/11/04 2:15 p.m.3 views

CVE-2024-51582

Path Traversal: '.../...//' vulnerability in ThimPress WP Hotel Booking allows PHP Local File Inclusion.This issue affects WP Hotel Booking: from n/a through 2.1.4...

8.8CVSS5.8AI score0.0051EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/05/10 10:12 a.m.5 views

WordPress Hotel Booking Lite plugin <= 4.11.1 - Unauthenticated PHP Object Injection vulnerability

Unauthenticated PHP Object Injection vulnerability discovered by Trinh Vu Sonicrrrr in WordPress Plugin Hotel Booking Lite versions = 4.11.1...

9.8CVSS7.3AI score0.00852EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/05/10 12:0 a.m.12 views

WordPress Hotel Booking Lite Plugin <= 4.11.1 is vulnerable to PHP Object Injection

Software Hotel Booking Lite Type Plugin Vulnerable versions = 4.11.1 Fixed in 4.11.2 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-4413 Patch priority High CVSS severity High 9 Developer Claim ownership PSID f9d7cef7773f Credits Trinh Vu Sonicrrrr Required privilege...

9.8CVSS6.8AI score0.00852EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/03/29 12:0 a.m.5 views

WordPress Plugin WP Hotel Booking 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

9.8CVSS8.1AI score0.00519EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/06/15 6:55 p.m.10 views

CVE-2022-29443 WordPress Hotel Booking plugin <= 3.0 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities

Multiple Authenticated contributor or higher user role Stored Cross-Site Scripting XSS vulnerabilities in Nicdark's Hotel Booking plugin = 3.0 at WordPress...

4.1CVSS4.7AI score0.00494EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2020/04/04 12:0 a.m.172 views

WordPress Hotel Booking System Pro 1.1 Cross Site Scripting

Exploit Title: WordPress Hotel Booking System Pro v1.1 XSS Vunlerability Google Dork:N/A Date: 2020-04-04 Exploit Author: @ThelastVvV Vendor Homepage: https://codecanyon.net/item/online-hotel-booking-system-pro-wordpress-plugin/9338914 Version: 1.1 Tested on: 5.4.0-4parrot1-amd64...

Exploits0
Rows per page
Query Builder