Sensitive Information Exposure in E4J s.r.l. VikBooking Hotel Booking Engine & PMS plugin <= 1.5.3 on WordPress allows attackers to get the booking data by guessing / brute-forcing easy predictable booking IDs via search POST requests.
References
Link | Resource |
---|---|
https://patchstack.com/database/vulnerability/vikbooking/wordpress-vikbooking-hotel-booking-engine-pms-plugin-1-5-3-sensitive-data-exposure-vulnerability | Release Notes Third Party Advisory |
https://wordpress.org/plugins/vikbooking/#developers | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Patchstack
Published: 2022-04-18T00:00:00
Updated: 2022-04-19T20:26:26
Reserved: 2022-03-24T00:00:00
Link: CVE-2022-27863
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-04-19T21:15:18.867
Modified: 2022-04-28T03:44:06.820
Link: CVE-2022-27863
JSON object: View
Redhat Information
No data.
CWE