8 matches found
CVE-2025-69185
The CVE-2025-69185 entry maps to a Missing Authorization / Broken Access Control vulnerability in the WordPress Hotel Listing plugin (versions
CVE-2025-69185 WordPress Hotel Listing plugin <= 1.4.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in e-plugins Hotel Listing hotel-listing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hotel Listing: from n/a through = 1.4.2...
CVE-2025-69056 WordPress Hotel Listing plugin <= 1.4.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins Hotel Listing hotel-listing allows Reflected XSS.This issue affects Hotel Listing: from n/a through = 1.4.0...
CVE-2025-69056 WordPress Hotel Listing plugin <= 1.4.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins Hotel Listing hotel-listing allows Reflected XSS.This issue affects Hotel Listing: from n/a through = 1.4.0...
CVE-2025-68059
CVE-2025-68059 : WordPress plugin Hotel Listing (versions up to 1.4.2) has a Missing Authorization / Broken Access Control vulnerability in e-plugins Hotel Listing. The issue arises from incorrectly configured access control security levels, enabling unauthorized access to protected functions. Pu...
WordPress Hotel Listing plugin <= 1.4.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Hotel Listing versions = 1.4.2...
CVE-2025-58710 WordPress Hotel Listing plugin <= 1.4.0 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in e-plugins Hotel Listing hotel-listing allows Privilege Escalation.This issue affects Hotel Listing: from n/a through = 1.4.0...
WordPress Hotel Listing Plugin < 1.3.7 is vulnerable to Privilege Escalation
Software Hotel Listing Type Plugin Vulnerable versions 1.3.7 Fixed in 1.3.7 OWASP Top 10 A5: Broken Access Control Classification Privilege Escalation CVE CVE-2020-36666 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 6e712961c58d Credits Omar Badran Required privilege...