VYPR

Adiaha Hotel

by WordPress

Source repositories

CVEs (3)

  • CVE-2023-54359HigApr 9, 2026
    risk 0.53cvss 8.2epss 0.00

    WordPress adivaha Travel Plugin 2.3 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pid' GET parameter. Attackers can send requests to the /mobile-app/v3/ endpoint…

  • CVE-2023-54358MedApr 9, 2026
    risk 0.40cvss 6.1epss 0.00

    WordPress adivaha Travel Plugin 2.3 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the isMobile parameter. Attackers can craft malicious URLs containing JavaScript payloads in the isMobile…

  • CVE-2025-62916MedOct 27, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Travon WP Flights & Hotels Booking WP Plugin adiaha-hotel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flights & Hotels Booking WP Plugin: from n/a through <= 3.1.