All 2 CVE vulnerabilities found in CozyStay - Hotel Booking WordPress Theme, with AI-generated Chinese analysis, references, and POCs.
Vendor: LoftOcean
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-13412 | CozyStay <= 1.7.0 - Missing Authorization to Arbitrary Action Execution in ajax_handler CWE-862 | 7.5 | High | 2025-03-19 |
| CVE-2024-13410 | CozyStay <= 1.7.0 and TinySalt <= 3.9.0 - Unauthenticated PHP Object Injection in ajax_handler CWE-502 | 9.8 | Critical | 2025-03-19 |
All 2 known CVE vulnerabilities affecting CozyStay - Hotel Booking WordPress Theme with full Chinese analysis, references, and POCs where available.