Back to search
CVE-2023-5651
Published: Nov 20, 2023
Modified: Oct 1, 2024
PUBLISHED
Description
The WP Hotel Booking WordPress plugin before 2.0.8 does not have authorisation and CSRF checks, as well as does not ensure that the package to be deleted is a package, allowing any authenticated users, such as subscriber to delete arbitrary posts
| Vendor | Product | Versions |
|---|---|---|
Unknown | WP Hotel Booking | affected 0 - < 2.0.8 |
References
https://wpscan.com/vulnerability/a365c050-96ae-4266-aa87-850ee259ee2c
exploit
vdb-entry
technical-description
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now