CVE-2025-6814 – Booking X WordPress Unauthorized Data Access Vulnerability

July 3, 2025

CVE ID : CVE-2025-6814

Published : July 4, 2025, 3:15 a.m. | 22 minutes ago

Description : The Booking X plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_now() function in versions 1.0 to 1.1.2. This makes it possible for unauthenticated attackers to download all plugin data, including user accounts, user meta, and PayPal credentials, by issuing a crafted POST request.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-7046 – Elementor & Image Gallery PowerFolio WordPress Stored Cross-Site Scripting Vulnerability

Next Article CVE-2025-6787 – WordPress Smart Docs Stored Cross-Site Scripting

Highlights

YONO SBI Banking App Vulnerability Let Attackers Execute a Man-in-the-Middle Attack

July 2, 2025

YONO SBI Banking App Vulnerability Let Attackers Execute a Man-in-the-Middle Attack

A significant security flaw has been identified in the popular YONO SBI banking application that could potentially expose millions of users to cybersecurity threats.
The vulnerability, designated as C …
Read more

Published Date:
Jul 02, 2025 (3 hours, 18 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-45080

10 Ways Node.js Development Boosts AI & Real-Time Data (2025-2026 Edition)

Looking to Outsource React.js Development? Here’s What Top Agencies Are Doing Right

Beyond The Hype: What AI Can Really Do For Product Design

BrowserStack launches Chrome extension that bundles 10+ manual web testing tools

How much RAM does your Linux PC really need in 2025?

Have solar at home? Supercharge that investment with this other crucial component

I replaced my MacBook charger with this compact wall unit – and wish I’d done it sooner

5 reasons to switch to an immutable Linux distro today – and which to try first

Sentry Adds Logs Support for Laravel Apps

Sentry Adds Logs Support for Laravel Apps

Efficient Context Management with Laravel’s Remember Functions

Laravel Devtoolbox: Your Swiss Army Knife Artisan CLI

From plateau predictions to buggy rollouts — Bill Gates’ GPT-5 skepticism looks strangely accurate

From plateau predictions to buggy rollouts — Bill Gates’ GPT-5 skepticism looks strangely accurate

We gave OpenAI’s open-source AI a kid’s test — here’s what happened

With GTA 6, next-gen exclusives, and a console comeback on the horizon, Xbox risks sitting on the sidelines — here’s why

CVE-2025-6814 – Booking X WordPress Unauthorized Data Access Vulnerability

Workday Staff Fall to Social Engineering; Hackers Access Third-Party CRM Platform

Get Ready for the Black Hat USA 2025 CISO Podcast Series from The Cyber Express and Suraksha Catalyst

NVIDIA System Monitor is a task manager monitoring your GPU

Raspberry Pi 5 Desktop Mini PC: raspi-config

ONLYOFFICE Adds an “AI Agent” to Help You Work “Effortlessly”

CVE-2025-46532 – Haris Zulfiqar Tooltip Cross-site Scripting (XSS)

YONO SBI Banking App Vulnerability Let Attackers Execute a Man-in-the-Middle Attack

CVE-2025-6233 – Mattermost File Attachment Path Traversal Vulnerability

June report 2025

CVE-2024-44905 – Go-Pg SQL Injection Vulnerability

CVE-2025-6814 – Booking X WordPress Unauthorized Data Access Vulnerability

Related Posts