Описание
Sensitive Information Exposure in E4J s.r.l. VikBooking Hotel Booking Engine & PMS plugin <= 1.5.3 on WordPress allows attackers to get the booking data by guessing / brute-forcing easy predictable booking IDs via search POST requests.
Ссылки
- Release NotesThird Party Advisory
- Vendor Advisory
- Release NotesThird Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.5.3 (включая)
cpe:2.3:a:vikwp:vikbooking_hotel_booking_engine_\&_property_management_system_plugin:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 65%
0.00495
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 5.3
github
почти 4 года назад
Sensitive Information Exposure in E4J s.r.l. VikBooking Hotel Booking Engine & PMS plugin <= 1.5.3 on WordPress allows attackers to get the booking data by guessing / brute-forcing easy predictable booking IDs via search POST requests.
EPSS
Процентиль: 65%
0.00495
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200