CVE-2024-30508Missing Authorization in WP Hotel Booking

CWE-862Missing Authorization3 documents3 sources
Severity
9.8CRITICALNVD
CNA6.5
EPSS
0.2%
top 52.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Thimpress WP Hotel Booking
Timeline
PublishedMar 29

Description

Missing Authorization vulnerability in ThimPress WP Hotel Booking.This issue affects WP Hotel Booking: from n/a through 2.0.9.2.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5thimpress/wp_hotel_bookingn/a2.0.9.2

🔴Vulnerability Details

2
CVEList
WordPress WP Hotel Booking plugin <= 2.0.9.2 - Broken Access Control vulnerability2024-03-29
GHSA
GHSA-35gq-67f6-phh5: Missing Authorization vulnerability in ThimPress WP Hotel Booking2024-03-29
CVE-2024-30508 — Missing Authorization | cvebase