PT-2025-43793 · Travon Wp+1 · Flights &Amp; Hotels Booking Wp Plugin

Published

2025-10-27

·

Updated

2025-10-27

·

CVE-2025-62916

CVSS v3.1

5.4

Medium

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Missing Authorization vulnerability in Travon WP Flights & Hotels Booking WP Plugin adiaha-hotel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flights & Hotels Booking WP Plugin: from n/a through <= 3.1.

Fix

Missing Authorization

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2025-62916

Affected Products

Flights &Amp; Hotels Booking Wp Plugin