Filtered by vendor Avirato Subscriptions
Filtered by product Hotels Online Booking Engine Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-0768 1 Avirato 1 Hotels Online Booking Engine 2024-11-21 8.8 High
The Avirato hotels online booking engine WordPress plugin through 5.0.5 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks.