CVE-2019-12239

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions WP Booking System plugin version 1.5.1

Description The issue is related to the lack of CSRF protection, which can allow attackers to exploit certain SQL injection issues that require administrative access.

Recommendations For WP Booking System plugin version 1.5.1, consider implementing CSRF protection measures to prevent exploitation of SQL injection issues until a patch is available.

Exploit

Fix

CSRF

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352CWE-89

Related Identifiers

CVE-2019-12239

Affected Products

Wp Booking System

CVE-2019-12239

Weakness Enumeration

Related Identifiers

Affected Products

References · 5