{"id":76112,"date":"2026-02-02T09:30:03","date_gmt":"2026-02-02T06:00:03","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2026-0658-five-star-restaurant-reservations-2-7-9-arbitrary-bookings-deletion-via-csrf\/"},"modified":"2026-02-02T09:30:03","modified_gmt":"2026-02-02T06:00:03","slug":"cve-2026-0658-five-star-restaurant-reservations-2-7-9-arbitrary-bookings-deletion-via-csrf","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2026-0658-five-star-restaurant-reservations-2-7-9-arbitrary-bookings-deletion-via-csrf\/","title":{"rendered":"CVE-2026-0658 &#8211; Five Star Restaurant Reservations &lt; 2.7.9 &#8211; Arbitrary Bookings Deletion via CSRF"},"content":{"rendered":"<p>CVE ID : CVE-2026-0658<\/p>\n<p>Published :  Feb. 2, 2026, 6 a.m. | 1\u00a0hour, 15\u00a0minutes ago<\/p>\n<p>Description : The Five Star Restaurant Reservations  WordPress plugin before 2.7.9 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting bookings via CSRF attacks.<\/p>\n<p>Severity: 0.0 | NA<\/p>\n<p>Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2026-0658 Published : Feb. 2, 2026, 6 a.m. | 1\u00a0hour, 15\u00a0minutes ago Description : The Five Star Restaurant Reservations WordPress plugin before 2.7.9 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting bookings via CSRF attacks. Severity: &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-76112","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/76112","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=76112"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/76112\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=76112"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=76112"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=76112"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}