Browse all 6 CVE security advisories affecting bookingalgorithms. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Bookingalgorithms develops reservation management systems for hospitality and travel industries. Historically, the platform has been vulnerable to multiple remote code execution flaws, cross-site scripting attacks, and privilege escalation issues, with six CVEs documented. These vulnerabilities often stem from insufficient input validation and improper access controls. While no major public security incidents have been reported, the consistent pattern of vulnerabilities suggests potential risks for clients handling sensitive guest data. The company's systems process high volumes of personal and payment information, making security critical. Recent patches indicate ongoing efforts to address these issues, though the frequency of vulnerabilities warrants careful implementation and monitoring by users.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-24371 | WordPress BA Book Everything plugin <= 1.8.16 - Broken Access Control vulnerability — BA Book EverythingCWE-862 | 4.3 | Medium | 2026-01-22 |
| CVE-2025-14449 | BA Book Everything <= 1.8.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via babe-search-form Shortcode — BA Book EverythingCWE-79 | 6.4 | Medium | 2025-12-19 |
| CVE-2024-47360 | WordPress BA Book Everything plugin <= 1.6.20 - Reflected Cross Site Scripting (XSS) vulnerability — BA Book EverythingCWE-79 | 7.1 | High | 2024-10-06 |
| CVE-2024-8794 | BA Book Everything <= 1.6.20 - Unauthenticated Arbitrary User Password Reset — BA Book EverythingCWE-620 | 5.3 | Medium | 2024-09-24 |
| CVE-2024-8795 | BA Book Everything <= 1.6.20 - Cross-Site Request Forgery to Email Address Update/Account Takeover — BA Book EverythingCWE-352 | 8.8 | High | 2024-09-24 |
| CVE-2024-3672 | BA Book Everything <= 1.6.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — BA Book EverythingCWE-79 | 6.4 | Medium | 2024-04-16 |
This page lists every published CVE security advisory associated with bookingalgorithms. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.