CVE-2025-7689 | Hydra Booking Plugin up to 1.1.18 on WordPress tfhb_reset_password_callback authorization

A vulnerability was found in Hydra Booking Plugin up to 1.1.18 on WordPress and classified as critical. This issue affects the function tfhb_reset_password_callback. The manipulation leads to missing authorization.

The identification of this vulnerability is CVE-2025-7689. The attack may be initiated remotely. There is no exploit available.VulDB Recent EntriesRead More