Tourfic Ai Powered Travel Booking Hotel Booking Car Rental Wordpress Plugin
Monthly
Unauthenticated SQL injection in the Tourfic WordPress travel-booking plugin (versions through 2.22.7) lets remote attackers read arbitrary database contents via the 'post_id' parameter of the tf_room_availability AJAX action. Because the action is registered for logged-out users (wp_ajax_nopriv) and the required nonce is publicly emitted on single-hotel pages, no authentication is needed in practice. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Unauthenticated SQL injection in the Tourfic WordPress travel-booking plugin (versions through 2.22.7) lets remote attackers read arbitrary database contents via the 'post_id' parameter of the tf_room_availability AJAX action. Because the action is registered for logged-out users (wp_ajax_nopriv) and the required nonce is publicly emitted on single-hotel pages, no authentication is needed in practice. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.