Описание
The WP Hotel Booking WordPress plugin before 2.2.3 lacks proper server-side validation for review ratings, allowing an attacker to manipulate the rating value (e.g., sending negative or out-of-range values) by intercepting and modifying requests.
EPSS
Процентиль: 14%
0.00045
Низкий
9.1 Critical
CVSS3
Дефекты
Связанные уязвимости
CVSS3: 9.1
github
5 месяцев назад
The WP Hotel Booking WordPress plugin before 2.2.3 lacks proper server-side validation for review ratings, allowing an attacker to manipulate the rating value (e.g., sending negative or out-of-range values) by intercepting and modifying requests.
EPSS
Процентиль: 14%
0.00045
Низкий
9.1 Critical
CVSS3