CVE-2025-60168 | HotelRunner Booking Widget Plugin up to 1.6 on WordPress cross-site request forgery

A vulnerability, which was classified as problematic, was found in HotelRunner Booking Widget Plugin up to 1.6 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation results in cross-site request forgery.

This vulnerability is known as CVE-2025-60168. It is possible to launch the attack remotely. No exploit is available.VulDB Recent EntriesRead More