Booking Project Booking — known CVE vulnerabilities
Every CVE whose affected-product data names Booking Project Booking, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2019-15774 — CVSS 6.1 (medium): The nd-booking plugin before 2.5 for WordPress has a nopriv_ AJAX action that allows modification of the siteurl setting.