← Back to CVE List
CVE-2023-5799
The WP Hotel Booking WordPress plugin before 2.0.8 does not have proper authorisation when deleting a package, allowing Contributor and above roles to delete posts that do no belong to them
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt