The wp-hotel-booking plugin through 1.10.2 for WordPress allows remote attackers to execute arbitrary code because of an unserialize operation on the thimpress_hotel_booking_1 cookie in load in includes/class-wphb-sessions.php.
References
Link | Resource |
---|---|
https://appcheck-ng.com/cve-2020-29047/ | Exploit Third Party Advisory |
https://wordpress.org/plugins/wp-hotel-booking/#developers | Product Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-03-03T17:15:29
Updated: 2021-03-03T17:15:29
Reserved: 2020-11-24T00:00:00
Link: CVE-2020-29047
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-03-03T18:15:13.783
Modified: 2021-03-10T13:21:47.277
Link: CVE-2020-29047
JSON object: View
Redhat Information
No data.
CWE