First published: Mon Aug 22 2022(Updated: )
Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Hotel Booking plugin <= 1.10.5 at WordPress.
Credit: audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
Thimpress Wp Hotel Booking | <=1.10.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-36852 is a Cross-Site Request Forgery (CSRF) vulnerability in the ThimPress WP Hotel Booking plugin <= 1.10.5 at WordPress.
CVE-2021-36852 has a severity level of high.
The ThimPress WP Hotel Booking plugin versions up to and including 1.10.5 are affected by CVE-2021-36852.
To fix CVE-2021-36852, update the ThimPress WP Hotel Booking plugin to version 1.10.6 or later.
You can find more information about CVE-2021-36852 at the following references: [Patchstack](https://patchstack.com/database/vulnerability/wp-hotel-booking/wordpress-wp-hotel-booking-plugin-1-10-5-cross-site-request-forgery-csrf-vulnerability) and [WordPress Plugin Directory](https://wordpress.org/plugins/wp-hotel-booking/#developers).