WP Hotel Booking WordPress Plugin Rating Manipulation Vulnerability

Vulnerability

A vulnerability exists in the WP Hotel Booking WordPress plugin in versions prior to 2.2.3, where the plugin fails to implement adequate server-side validation for review ratings. This flaw allows attackers to intercept and modify requests to manipulate rating values, such as introducing negative or out-of-range ratings. The vulnerability could be exploited by altering the 'rating' parameter in the review submission request.

Impact

Exploitation of this vulnerability allows for unauthorized manipulation of review ratings, including the introduction of negative or out-of-range values, disrupting the intended rating system.

Reproduction

To reproduce this vulnerability, navigate to an existing room's detail page and go to the 'Review' tab. Fill out the review form with a valid rating and review text, then submit the review while intercepting the request. In the intercepted request, locate the 'rating' parameter and change its value to a negative number, such as '-1000'. Forward the modified request to the server and verify that the server accepts and stores the negative rating, thereby breaking the intended rating scale.
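The missing control described above is a server-side range check on the 'rating' parameter. The following is an added example, not code from WP Hotel Booking, showing the check as a pure function plus a hypothetical WordPress AJAX handler; the hook name, nonce action and response shape are assumptions.

```php
<?php
// Added example (not WP Hotel Booking code): whitelist validation for a
// review rating submitted as the 'rating' request parameter.

/**
 * Return the rating as an int in [1, 5], or null when the raw value is
 * missing, an array, non-numeric, fractional or out of range
 * (e.g. "-1000", "6", "3.5", "abc", "").
 */
function validate_review_rating( $raw ) {
    if ( ! is_string( $raw ) && ! is_int( $raw ) ) {
        return null; // rejects rating[]=... and absent parameters
    }
    $rating = filter_var( $raw, FILTER_VALIDATE_INT, array(
        'options' => array( 'min_range' => 1, 'max_range' => 5 ),
    ) );
    return ( false === $rating ) ? null : $rating;
}

/**
 * Hypothetical submission handler showing where the check belongs: the
 * request is rejected before anything is stored, so a tampered client-side
 * value never reaches the database. Hook and nonce names are assumptions.
 */
function handle_review_submission() {
    check_ajax_referer( 'submit_review', 'nonce' ); // dies on a bad/missing nonce
    $raw    = isset( $_POST['rating'] ) ? wp_unslash( $_POST['rating'] ) : null;
    $rating = validate_review_rating( $raw );
    if ( null === $rating ) {
        wp_send_json_error( array( 'message' => 'Rating must be a whole number from 1 to 5.' ), 400 );
    }
    // ... persist $rating together with the sanitized review text ...
    wp_send_json_success( array( 'rating' => $rating ) );
}
if ( function_exists( 'add_action' ) ) {
    add_action( 'wp_ajax_submit_review', 'handle_review_submission' );
}

// Self-check that runs outside WordPress: php this_file.php
$cases = array( '3' => 3, '-1000' => null, '6' => null, '3.5' => null, 'abc' => null, '' => null, '0' => null );
foreach ( $cases as $input => $expected ) {
    assert( validate_review_rating( (string) $input ) === $expected );
}
```

Rejecting the request with a 4xx status, rather than clamping the value, also gives the web server log a distinguishable entry for tampered submissions.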

Remediation

Users are advised to update the WP Hotel Booking WordPress plugin to version 2.2.3 or later.

Added: Sep 18, 2025, 6:18 AM
Updated: Sep 18, 2025, 2:04 PM

Vulnerability Rating

Custom Algorithm

spread: 3.4
impact: 0.6
exploitability: 6.1
remediation: 7.7
relevance: 0.5
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.