VYPR

Online Booking Engine

by WordPress

Source repositories

CVEs (2)

  • CVE-2023-0768HigMay 8, 2023
    risk 0.57cvss 8.8epss 0.01

    The Avirato hotels online booking engine WordPress plugin through 5.0.5 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks.

  • CVE-2025-58661MedSep 22, 2025
    risk 0.38cvss 5.9epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eZee Technosys eZee Online Hotel Booking Engine online-booking-engine allows Stored XSS.This issue affects eZee Online Hotel Booking Engine: from n/a through <= 1.0.0.