eaSYNC Booking – Hotels, Restaurants & Car Rentals

Vulnerabilities 10Slug easync-bookingLatest version 1.3.29WordPress.org →

Minimum safe version

1.3.22

Update to 1.3.22 or later to address 10 fixable vulnerabilities

Latest available1.3.29 ✓

Medium 5.3

2025-05-31< 1.3.22

Free Booking Plugin for Hotels, Restaurants and Car Rentals – eaSYNC Booking <= 1.3.21 - Insecure Direct Object Reference to Sensitive Information Exposure

EUVD Wordfence CVE

Medium 6.5

2025-05-15< 1.3.15

Free Booking Plugin for Hotels, Restaurants and Car Rentals – eaSYNC Booking <= 1.3.14 - Cross-Site Request Forgery

EUVD Wordfence CVE

Medium 5.4

2025-04-04< 1.3.21

CVE-2025-32219

CVE Patchstack Wordfence EUVD

Medium 6.3

2024-10-16< 1.1.10

Freemius SDK <= 2.4.2 - Missing Authorization Checks

CVE

N/A

2023-07-18< 1.3.7

WordPress eaSYNC Plugin <= 1.3.6 is vulnerable to Cross Site Scripting (XSS)

Patchstack WPScan CVE

High 7.1

2023-08-08< 1.3.12

CVE-2023-38384

CVE Wordfence Patchstack WPScan

N/A

2022-03-04< 1.1.10

Freemius SDK <= 2.4.2 - Missing Authorization Checks

Wordfence

Critical 9.8

2022-07-11< 1.1.16

CVE-2022-1952

CVE Patchstack Wordfence WPScan

N/A

2022-02-28< 1.1.10

WordPress Free Booking Plugin for Hotels, Restaurant and Car Rental – eaSYNC plugin <= 1.1.9 - Sensitive Information Disclosure vulnerability

Patchstack

N/A

2022-02-28< 1.1.10

WordPress Free Booking Plugin for Hotels, Restaurant and Car Rental – eaSYNC plugin <= 1.1.9 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Patchstack