CVE 4.3 MEDIUM

CBX Restaurant Booking <= 1.2.1 - Plugin Reset via CSRF_CVE-2025-7965

August 11, 2025 invoker category_cve
4.3 / 10
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Description

The CBX Restaurant Booking WordPress plugin through 1.2.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack

Basic Information

ID CVE-2025-7965
Source WPScan
Published Aug 11, 2025 at 06:00
Modified Aug 11, 2025 at 14:55

Affected Product

Vendor Unknown
Product CBX Restaurant Booking
Affected Versions Unknown CBX Restaurant Booking 0

CWE Classification

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.