Thimpress: >> Wp Hotel Booking >> 1.1.1 Security Vulnerabilities
Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Hotel Booking plugin <= 1.10.5 at WordPress.
CVSS Score
4.3
EPSS Score
0.001
Published
2022-08-22
The wp-hotel-booking plugin through 1.10.2 for WordPress allows remote attackers to execute arbitrary code because of an unserialize operation on the thimpress_hotel_booking_1 cookie in load in includes/class-wphb-sessions.php.
CVSS Score
9.8
EPSS Score
0.13
Published
2021-03-03
Page 2