Vulnerability: Lack of CSRF Protection in WP Booking System Plugin 1.5.1 for WordPress
CVE-2019-12239 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
The WP Booking System plugin 1.5.1 for WordPress has no CSRF protection, which allows attackers to reach certain SQL injection issues that require administrative access.
Learn more about our Wordpress Pen Testing.