Hydra Booking
Approved changes feed: RSS · Atom
cpe:2.3:a:themefic:hydra_booking:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Themefic (69fae1e1-81cb-5dd5-92a6-9e186c18d282) |
|---|---|
| Product | Hydra Booking (71ba39e3-470c-50c0-8f3b-79cb5ef3472a) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-39541 |
vulnerable | 2026-06-08 08:01:16.628775 |
WordPress Hydra Booking plugin <= 1.1.38 - Cross Site Scripting (XSS) vulnerability
MEDIUM (5.9)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Hydra Booking hydra-booking allows Stored XSS.This issue affects Hydra Booking: from n/a through <= 1.1.38.
Published: 2026-04-08T08:30:17.312Z
Updated: 2026-04-29T09:52:02.050Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-68055 |
vulnerable | 2026-06-08 07:41:20.776602 |
WordPress Hydra Booking plugin <= 1.1.32 - SQL Injection vulnerability
HIGH (8.5)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themefic Hydra Booking hydra-booking allows SQL Injection.This issue affects Hydra Booking: from n/a through <= 1.1.32.
Published: 2025-12-16T08:12:59.985Z
Updated: 2026-04-28T16:14:27.805Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-68027 |
vulnerable | 2026-06-08 07:41:20.743232 |
WordPress Hydra Booking plugin <= 1.1.32 - Privilege Escalation vulnerability
HIGH (7.3)
Incorrect Privilege Assignment vulnerability in Themefic Hydra Booking hydra-booking allows Privilege Escalation.This issue affects Hydra Booking: from n/a through <= 1.1.32.
Published: 2026-01-22T16:52:04.595Z
Updated: 2026-04-28T19:55:40.115Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-49378 |
vulnerable | 2026-06-08 07:29:12.995605 |
WordPress Hydra Booking plugin <= 1.1.10 - SQL Injection vulnerability
HIGH (8.5)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themefic Hydra Booking hydra-booking allows SQL Injection.This issue affects Hydra Booking: from n/a through <= 1.1.10.
Published: 2025-10-22T14:32:09.452Z
Updated: 2026-04-28T16:13:02.542Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-49377 |
vulnerable | 2026-06-08 07:29:12.995345 |
WordPress Hydra Booking plugin <= 1.1.9 - Broken Access Control vulnerability
MEDIUM (6.3)
Missing Authorization vulnerability in Themefic Hydra Booking hydra-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hydra Booking: from n/a through <= 1.1.9.
Published: 2025-10-22T14:32:09.195Z
Updated: 2026-04-28T16:13:02.685Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-49323 |
vulnerable | 2026-06-08 07:29:12.924021 |
WordPress Hydra Booking plugin <= 1.1.10 - SQL Injection Vulnerability
HIGH (8.5)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themefic Hydra Booking hydra-booking allows SQL Injection.This issue affects Hydra Booking: from n/a through <= 1.1.10.
Published: 2025-06-06T12:53:54.778Z
Updated: 2026-04-28T16:13:01.080Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.