Product
thimpress wp hotel booking
12 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-13447
CVE-2024-12370
CVE-2024-51582
CVE-2024-7855
CVE-2024-3605
CVE-2024-30508
CVE-2023-5799
CVE-2023-5652
CVE-2023-5651
CVE-2020-36757
CVE-2021-36852
CVE-2020-29047
< 2.1.7
The WP Hotel Booking plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ho
< 2.1.6
The WP Hotel Booking plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check whe
<= 2.1.4
Path Traversal: '.../...//' vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows PHP Local File Inclusion.This issu
< 2.1.3
The WP Hotel Booking plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the updat
<= 2.1.0
The WP Hotel Booking plugin for WordPress is vulnerable to SQL Injection via the 'room_type' parameter of the /wphb/v1/rooms/searc
< 2.0.9.3
Missing Authorization vulnerability in ThimPress WP Hotel Booking.This issue affects WP Hotel Booking: from n/a through 2.0.9.2.
< 2.0.8
The WP Hotel Booking WordPress plugin before 2.0.8 does not have proper authorisation when deleting a package, allowing Contributo
< 2.0.8
The WP Hotel Booking WordPress plugin before 2.0.8 does not have authorisation and CSRF checks, as well as does not escape user in
< 2.0.8
The WP Hotel Booking WordPress plugin before 2.0.8 does not have authorisation and CSRF checks, as well as does not ensure that th
<= 1.10.1
The WP Hotel Booking plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.10.1. Th
<= 1.10.5
Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Hotel Booking plugin <= 1.10.5 at WordPress.
<= 1.10.2
The wp-hotel-booking plugin through 1.10.2 for WordPress allows remote attackers to execute arbitrary code because of an unseriali