Published: 13/01/2020 Updated: 14/01/2020
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P

Vulnerability Summary

The CTHthemes CityBook prior to 2.3.4, TownHub prior to 1.0.6, and EasyBook prior to 1.2.2 themes for WordPress allow nsecure Direct Object Reference (IDOR) via wp-admin/admin-ajax.php to delete any page/post/listing.

Vulnerability Trend