Vulnerability: Lack of CSRF Protection in WP Booking System Plugin 1.5.1 for WordPress

Vulnerability: Lack of CSRF Protection in WP Booking System Plugin 1.5.1 for WordPress

CVE-2019-12239 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

The WP Booking System plugin 1.5.1 for WordPress has no CSRF protection, which allows attackers to reach certain SQL injection issues that require administrative access.

Learn more about our Wordpress Pen Testing.