2019-05-20 19:38:49
mitre
PUBLISHED
The WP Booking System plugin 1.5.1 for WordPress has no CSRF protection, which allows attackers to reach certain SQL injection issues that require administrative access.