PT-2025-49971 · WordPress · Fluent Booking
Published
2025-12-09
·
Updated
2025-12-14
·
CVE-2025-67597
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Shahjahan Jewel Fluent Booking versions through 1.9.11
Description
An incorrect access control configuration allows unauthorized access to the Fluent Booking plugin. The issue is due to missing authorization checks, potentially allowing attackers to bypass security measures.
Recommendations
Update Fluent Booking to a version newer than 1.9.11.
Fix
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Fluent Booking