Syntacticsinc Easync
4 CVEs affecting Syntacticsinc Easync. Latest disclosed: 2025-05-31. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-1952 | Critical | 9.8 | 2022-07-11 | The Free Booking Plugin for Hotels, Restaurant and Car Rental WordPress plugin before 1.1.16 suffers from insufficient input validation which leads to arbitrar… |
CVE-2023-38384 | High | 7.1 | 2023-08-08 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Syntactics, Inc. EaSYNC plugin <= 1.3.7 versions. |
CVE-2024-9450 | Medium | 6.5 | 2025-05-15 | The Free Booking Plugin for Hotels, Restaurants and Car Rentals WordPress plugin before 1.3.15 does not have CSRF check in place when updating its settings, w… |
CVE-2025-4691 | Medium | 5.3 | 2025-05-31 | The Free Booking Plugin for Hotels, Restaurants and Car Rentals – eaSYNC Booking plugin for WordPress is vulnerable to Insecure Direct Object Reference in all… |