| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-51895 | WordPress Minical Hotel Booking Plugin plugin <= 1.0.2 - Stored Cross Site Scripting (XSS) vulnerability | pankaj9296 | Minical Hotel Booking Plugin | Medium | 6.5 | 2024-11-19 16:31:11 | Deep Dive |
| CVE-2024-51582 | WordPress WP Hotel Booking plugin <= 2.2.9 - Local File Inclusion vulnerability | ThimPress | WP Hotel Booking | High | 7.5 | 2024-11-04 13:38:39 | Deep Dive |
| CVE-2024-7855 | WP Hotel Booking <= 2.1.2 - Authenticated (Subscriber+) Arbitrary File Upload | thimpress | WP Hotel Booking | High | 8.8 | 2024-10-02 04:31:18 | Deep Dive |
| CVE-2024-8319 | Tourfic <= 2.11.20 - Cross-Site Request Forgery in Multiple Functions | themefic | Tourfic – Travel Booking, Hotel Booking & Car Rental WordPress Plugin | Medium | 4.3 | 2024-08-30 07:33:10 | Deep Dive |
| CVE-2024-3605 | WP Hotel Booking <= 2.1.0 - Unauthenticated SQL Injection | thimpress | WP Hotel Booking | Critical | 10.0 | 2024-06-20 02:08:22 | Deep Dive |
| CVE-2024-4413 | Hotel Booking Lite <= 4.11.1 - Unauthenticated PHP Object Injection | jetmonsters | MotoPress Hotel Booking | Critical | 9.8 | 2024-05-10 21:32:41 | Deep Dive |
| CVE-2024-2441 | VikBooking < 1.6.8 - Insecure Direct Object References | Unknown | VikBooking Hotel Booking Engine & PMS | 中危 | - | 2024-05-10 06:00:02 | Deep Dive |
| CVE-2024-2749 | VikBooking < 1.6.8 - Broken Access Control | Unknown | VikBooking Hotel Booking Engine & PMS | 高危 | - | 2024-05-10 06:00:02 | Deep Dive |
| CVE-2024-32563 | WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.6.7 - Reflected Cross Site Scripting (XSS) vulnerability | VikBooking Hotel Booking Engine & PMS | VikBooking Hotel Booking Engine & PMS | High | 7.1 | 2024-04-18 09:57:39 | Deep Dive |
| CVE-2024-30508 | WordPress WP Hotel Booking plugin <= 2.0.9.2 - Broken Access Control vulnerability | ThimPress | WP Hotel Booking | Medium | 6.5 | 2024-03-29 14:17:21 | Deep Dive |
| CVE-2023-5991 | Hotel Booking Lite < 4.8.5 - Unauthenticated Arbitrary File Download & Deletion | Unknown | Hotel Booking Lite | - | - | 2023-12-26 18:33:14 | Deep Dive |
| CVE-2023-5651 | WP Hotel Booking < 2.0.8 - Subscriber+ Arbitrary Post Deletion | Unknown | WP Hotel Booking | - | - | 2023-11-20 18:55:09 | Deep Dive |
| CVE-2023-5799 | WP Hotel Booking < 2.0.9 - Contributor+ Arbitrary Post Deletion | Unknown | WP Hotel Booking | - | - | 2023-11-20 18:55:08 | Deep Dive |
| CVE-2023-5652 | WP Hotel Booking < 2.0.8 - Unauthenticated SQLi | Unknown | WP Hotel Booking | - | - | 2023-11-20 18:55:06 | Deep Dive |
| CVE-2023-28498 | WordPress Hotel Booking Lite Plugin <= 4.6.0 is vulnerable to Cross Site Request Forgery (CSRF) | MotoPress | Hotel Booking Lite | Medium | 4.3 | 2023-11-12 21:57:22 | Deep Dive |
| CVE-2023-32501 | WordPress VikBooking Hotel Booking Engine & PMS Plugin <= 1.6.1 is vulnerable to Cross Site Request Forgery (CSRF) | E4J s.r.l. | VikBooking Hotel Booking Engine & PMS | 高危 | - | 2023-11-09 22:18:57 | Deep Dive |
| CVE-2020-36757 | WP Hotel Booking <= 1.10.1 - Cross-Site Request Forgery Bypass | thimpress | WP Hotel Booking | Medium | 4.3 | 2023-07-12 06:52:35 | Deep Dive |
| CVE-2023-3564 | GZ Scripts GZ Multi Hotel Booking System index.php cross site scripting | GZ Scripts | GZ Multi Hotel Booking System | Low | 3.5 | 2023-07-08 17:00:04 | Deep Dive |
| CVE-2023-3561 | GZ Scripts PHP GZ Hotel Booking Script load.php cross site scripting | GZ Scripts | PHP GZ Hotel Booking Script | Low | 3.5 | 2023-07-08 15:31:03 | Deep Dive |
| CVE-2023-25707 | WordPress VikBooking Hotel Booking Engine & PMS Plugin <= 1.5.12 is vulnerable to Cross Site Request Forgery (CSRF) | E4J s.r.l. | VikBooking Hotel Booking Engine & PMS | Medium | 6.3 | 2023-05-23 12:36:41 | Deep Dive |