CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-13447 – WP Hotel Booking <= 2.1.6 - Missing Authorization to Authenticated (Subscriber+) User Email Retrieval
https://notcve.org/view.php?id=CVE-2024-13447
21 Jan 2025 — The WP Hotel Booking plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hotel_booking_load_order_user AJAX action in all versions up to, and including, 2.1.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve a list of registered user emails. • https://plugins.trac.wordpress.org/browser/wp-hotel-booking/trunk/assets/js/admin/admin.hotel-booking.js#L621 • CWE-862: Missing Authorization •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12370 – WP Hotel Booking <= 2.1.5 - Missing Authorization
https://notcve.org/view.php?id=CVE-2024-12370
16 Jan 2025 — The WP Hotel Booking plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check when adding rooms in all versions up to, and including, 2.1.5. This makes it possible for unauthenticated attackers to add rooms with custom prices. El complemento WP Hotel Booking para WordPress es vulnerable a la modificación no autorizada de datos debido a una verificación de capacidad faltante al agregar habitaciones en todas las versiones hasta la 2.1.5 incluida. Esto hace posi... • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3210798%40wp-hotel-booking%2Ftags%2F2.1.5&new=3214765%40wp-hotel-booking%2Ftags%2F2.1.6 • CWE-284: Improper Access Control •
CVSS: 9.0EPSS: 8%CPEs: 1EXPL: 0CVE-2024-7855 – WP Hotel Booking <= 2.1.2 - Authenticated (Subscriber+) Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-7855
01 Oct 2024 — The WP Hotel Booking plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the update_review() function in all versions up to, and including, 2.1.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://plugins.trac.wordpress.org/browser/wp-hotel-booking/trunk/includes/class-wphb-comments.php#L150 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 44%CPEs: 1EXPL: 1CVE-2024-3605 – WP Hotel Booking <= 2.1.0 - Unauthenticated SQL Injection
https://notcve.org/view.php?id=CVE-2024-3605
19 Jun 2024 — The WP Hotel Booking plugin for WordPress is vulnerable to SQL Injection via the 'room_type' parameter of the /wphb/v1/rooms/search-rooms REST API endpoint in all versions up to, and including, 2.1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. El co... • https://github.com/RandomRobbieBF/CVE-2024-3605 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5799 – WP Hotel Booking < 2.0.9 - Contributor+ Arbitrary Post Deletion
https://notcve.org/view.php?id=CVE-2023-5799
26 Oct 2023 — The WP Hotel Booking WordPress plugin before 2.0.8 does not have proper authorisation when deleting a package, allowing Contributor and above roles to delete posts that do no belong to them El complemento WP Hotel Booking de WordPress anterior a 2.0.8 no tiene la autorización adecuada al eliminar un paquete, lo que permite que los roles Colaborador y superiores eliminen publicaciones que no les pertenecen. The WP Hotel Booking plugin for WordPress is vulnerable to unauthorized modification of data due to in... • https://wpscan.com/vulnerability/3061f85e-a70e-49e5-bccf-ae9240f51178 • CWE-863: Incorrect Authorization •
CVSS: 10.0EPSS: 18%CPEs: 1EXPL: 1CVE-2023-5652 – WP Hotel Booking < 2.0.8 - Unauthenticated SQLi
https://notcve.org/view.php?id=CVE-2023-5652
26 Oct 2023 — The WP Hotel Booking WordPress plugin before 2.0.8 does not have authorisation and CSRF checks, as well as does not escape user input before using it in a SQL statement of a function hooked to admin_init, allowing unauthenticated users to perform SQL injections El complemento WP Hotel Booking de WordPress anterior a 2.0.8 no tiene autorización ni controles CSRF, y tampoco escapa a la entrada del usuario antes de usarlo en una declaración SQL de una función vinculada a admin_init, lo que permite a usuarios n... • https://wpscan.com/vulnerability/8ea46b9a-5239-476b-949d-49546371eac1 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5651 – WP Hotel Booking < 2.0.8 - Subscriber+ Arbitrary Post Deletion
https://notcve.org/view.php?id=CVE-2023-5651
20 Oct 2023 — The WP Hotel Booking WordPress plugin before 2.0.8 does not have authorisation and CSRF checks, as well as does not ensure that the package to be deleted is a package, allowing any authenticated users, such as subscriber to delete arbitrary posts El complemento WP Hotel Booking de WordPress anterior a 2.0.8 no tiene autorización ni controles CSRF, además no garantiza que el paquete que se eliminará sea un paquete, lo que permite a cualquier usuario autenticado, como un suscriptor, eliminar publicaciones arb... • https://wpscan.com/vulnerability/a365c050-96ae-4266-aa87-850ee259ee2c • CWE-732: Incorrect Permission Assignment for Critical Resource CWE-862: Missing Authorization •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2021-36852 – WordPress WP Hotel Booking plugin <= 1.10.5 - Cross-Site Request Forgery (CSRF) vulnerability
https://notcve.org/view.php?id=CVE-2021-36852
02 Aug 2022 — Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Hotel Booking plugin <= 1.10.5 at WordPress. Una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF) en el plugin ThimPress WP Hotel Booking versiones anteriores a 1.10.5, incluyéndola, en WordPress. The WP Hotel Booking plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.10.5 due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to trigger action... • https://patchstack.com/database/vulnerability/wp-hotel-booking/wordpress-wp-hotel-booking-plugin-1-10-5-cross-site-request-forgery-csrf-vulnerability • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.8EPSS: 75%CPEs: 1EXPL: 1CVE-2020-29047 – WP Hotel Booking <= 1.10.3 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2020-29047
08 Dec 2020 — The wp-hotel-booking plugin through 1.10.2 for WordPress allows remote attackers to execute arbitrary code because of an unserialize operation on the thimpress_hotel_booking_1 cookie in load in includes/class-wphb-sessions.php. El plugin wp-hotel-booking versiones hasta 1.10.2 para WordPress, permite a atacantes remotos ejecutar código arbitrario debido a una operación de deserializar en la cookie thimpress_hotel_booking_1 en la carga en el archivo includes/classwphb-sessions.php The wp-hotel-booking plugin... • https://appcheck-ng.com/cve-2020-29047 • CWE-502: Deserialization of Untrusted Data •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-36757 – WP Hotel Booking <= 1.10.1 - Cross-Site Request Forgery Bypass
https://notcve.org/view.php?id=CVE-2020-36757
16 Sep 2020 — The WP Hotel Booking plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.10.1. This is due to missing or incorrect nonce validation on the admin_add_order_item() function. This makes it possible for unauthenticated attackers to add an order item via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks • CWE-352: Cross-Site Request Forgery (CSRF) •