Summary: The WP Booking System plugin 1.5.1 for WordPress has no CSRF protection, which allows attackers to reach certain SQL injection issues that require administrative access.Published: Monday, May 20, 2019 - 16:29cvss: