CVE-2020-29047

Name of the Vulnerable Software and Affected Versions: wp-hotel-booking plugin versions 1.10.2 and earlier

Description: The issue allows remote attackers to execute arbitrary code because of an unserialize operation on the thimpress hotel booking 1 cookie in the includes/class-wphb-sessions.php file. This operation can be exploited to gain unauthorized access and execute malicious code.

Recommendations: For versions 1.10.2 and earlier, update to a version later than 1.10.2 to resolve the issue. As a temporary workaround, consider restricting access to the includes/class-wphb-sessions.php file or disabling the use of the thimpress hotel booking 1 cookie until a patch is available.