CVE-2023-5652: WP Hotel Booking <= 2.0.7 - SQL Injection
Vulnerability description
WP Hotel Booking WordPress plugin before 2.0.8 contains a SQL injection caused by a lack of authorization checks, CSRF checks, and input escaping in a function hooked to admin_init, letting unauthenticated users perform SQL injection; exploitation requires no authentication. [Publicly disclosed]

id: CVE-2023-5652

info:
  name: WP Hotel Booking <= 2.0.7 - SQL Injection
  author: Shivam Kamboj
  severity: critical
  description: |
    WP Hotel Booking WordPress plugin before 2.0.8 contains a SQL injection caused by lack of authorization, CSRF checks, and input escaping in a function hooked to admin_init, letting unauthenticated users perform SQL injections, exploit requires no authentication.
  impact: |
    Unauthenticated attackers can execute arbitrary SQL commands, potentially leading to data theft, modification, or deletion.
  remediation: |
    Update to version 2.0.8 or later.
  reference:
    - https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wp-hotel-booking/wp-hotel-booking-207-unauthenticated-sql-injection
    - https://nvd.nist.gov/vuln/detail/CVE-2023-5652
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2023-5652
    epss-score: 0.71412
    epss-percentile: 0.98
FOFA query
None
Affected scope
WP Hotel Booking
Vulnerability details
POC:
Publicly disclosed
Remediation advice
None