The EventPrime WordPress plugin up to and including 3.2.9 specifies the price of a booking in the client request, allowing an malicious user to purchase bookings without payment.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
metagauss eventprime |