Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks such as adding a booking to the calendar without paying.
CPE | Name | Operator | Version |
---|---|---|---|
eq | 1.3.83 |