WordPress Plugin Vulnerabilities

VikBooking Hotel Booking Engine & PMS < 1.5.7 - Stored Cross-Site Scripting via CSRF

Description

The plugin does not have CSRF check in place when adding a tracking campaign, and does not escape the campaign fields when outputting them In attributes. As a result, attackers could make a logged in admin add tracking campaign with XSS payloads in them via a CSRF attack

Proof of Concept

Affects Plugins

Plugin icon
vikbooking
Fixed in 1.5.7

References

CVE
CVE-2022-1407

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352
CVSS
6.1 (medium)

Miscellaneous

Original Researcher
Gabriel3476
Submitter
Gabriel3476
Submitter website
https://github.com/Gabriel3476/
Verified
Yes
WPVDB ID
19a9e266-daf6-4cc5-a300-2b5436b6d07d

Timeline

Publicly Published
2022-04-21 (about 3 years ago)
Added
2022-04-21 (about 3 years ago)
Last Updated
2022-04-22 (about 3 years ago)

Other

Published
Title
Published
2025-03-11
Title
Members page only for logged in users <= 1.4.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting
Published
2025-04-09
Title
WP shop <= 2.6.1 - Arbitrary File Upload via CSRF
Published
2024-04-29
Title
5280 Bootstrap Modal Contact Form <= 1.0 - Cross-Site Request Forgery to Bulk Delete Messages
Published
2024-04-12
Title
Legal Pages < 1.4.3 - Cross-Site Request Forgery
Published
2024-07-10
Title
Metorik – Reports & Email Automation for WooCommerce < 1.7.2 - Cross-Site Request Forgery