CVE-2023-4251

Name of the Vulnerable Software and Affected Versions EventPrime WordPress plugin versions prior to 3.2.0

Description The issue concerns a lack of CSRF checks when creating bookings. This could allow attackers to make logged-in users create unwanted bookings via CSRF attacks.

Recommendations For versions prior to 3.2.0, update to version 3.2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the booking creation feature to minimize the risk of exploitation.