CVE-2019-12239

CVE-2019-12239

EPSS 0.9%

The WP Booking System plugin 1.5.1 for WordPress has no CSRF protection, which allows attackers to reach certain SQL injection issues that require administrative access.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://dumpco.re/bugs/wp-plugin-wp-booking-system-sqli https://wordpress.org/plugins/wp-booking-system/#developers https://wpvulndb.com/vulnerabilities/9284