CVE-2020-29047

2021-03-03 19:15:00 2021-03-10 14:21:00

The wp-hotel-booking plugin through 1.10.2 for WordPress allows remote attackers to execute arbitrary code because of an unserialize operation on the thimpress_hotel_booking_1 cookie in load in includes/class-wphb-sessions.php.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Thimpress Wp hotel booking * * * * (not an official CPE)

Thimpress - Wp hotel booking

Advisory	Patch	Confirmed	Link
			https://wordpress.org/plugins/wp-hotel-booking/#develope...
			https://appcheck-ng.com/cve-2020-29047/