ГлавнаяУязвимости → CVE-2025-8942
9.1критическая

CVE-2025-8942

Описание

The WP Hotel Booking WordPress plugin before 2.2.3 lacks proper server-side validation for review ratings, allowing an attacker to manipulate the rating value (e.g., sending negative or out-of-range values) by intercepting and modifying requests.

CVSS
Балл9.1 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Источники
https://wpscan.com/vulnerability/d89bb3b2-40ad-4c4f-9f17-4ccacc0f6e1a/https://wpscan.com/vulnerability/d89bb3b2-40ad-4c4f-9f17-4ccacc0f6e1a/