Wp Hotel Booking Security Vulnerabilities and Issues — Wp Hotel Booking CVE List

Lucene search

ThimpressWp Hotel Booking

3 matches found

CVE•added 2025/01/22 11:15 a.m.•45 views

CVE-2024-13447

The WP Hotel Booking plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hotel_booking_load_order_user AJAX action in all versions up to, and including, 2.1.6. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS4.3AI score0.00059EPSS

CVE•added 2025/01/17 9:15 a.m.•38 views

CVE-2024-12370

The WP Hotel Booking plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check when adding rooms in all versions up to, and including, 2.1.5. This makes it possible for unauthenticated attackers to add rooms with custom prices.

5.3CVSS5.1AI score0.00061EPSS

CVE•added 2025/05/07 3:15 p.m.•38 views

CVE-2025-47448

Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Hotel Booking allows Cross Site Request Forgery. This issue affects WP Hotel Booking: from n/a through 2.1.9.

4.3CVSS4.6AI score0.0002EPSS