CVE-2023-5652
N/A
N/A
Summary
The WP Hotel Booking WordPress plugin before 2.0.8 does not have authorisation and CSRF checks, as well as does not escape user input before using it in a SQL statement of a function hooked to admin_init, allowing unauthenticated users to perform SQL injections
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Unknown | WP Hotel Booking | 0 < 2.0.8 | affected |
Weaknesses
- CWE-89 SQL Injection
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.