Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Wp Hotel Booking Security Vulnerabilities - CVSS Score 9 - 10

cve
cve

CVE-2020-29047

The wp-hotel-booking plugin through 1.10.2 for WordPress allows remote attackers to execute arbitrary code because of an unserialize operation on the thimpress_hotel_booking_1 cookie in load in includes/class-wphb-sessions.php.

9.8CVSS

9.8AI Score

0.013EPSS

2021-03-03 06:15 PM
40
cve
cve

CVE-2023-5652

The WP Hotel Booking WordPress plugin before 2.0.8 does not have authorisation and CSRF checks, as well as does not escape user input before using it in a SQL statement of a function hooked to admin_init, allowing unauthenticated users to perform SQL injections

9.8CVSS

9.6AI Score

0.001EPSS

2023-11-20 07:15 PM
28