Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Truebooker
(Themetechmount)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-05-07 | CVE-2025-47543 | Cross-Site Request Forgery (CSRF) vulnerability in themetechmount TrueBooker allows Cross Site Request Forgery. This issue affects TrueBooker: from n/a through 1.0.7. | Truebooker | N/A | ||
| 2024-09-08 | CVE-2024-6924 | The TrueBooker WordPress plugin before 1.0.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. | Truebooker | 9.8 | ||
| 2024-09-08 | CVE-2024-6925 | The TrueBooker WordPress plugin before 1.0.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack. | Truebooker | 4.3 |