[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fsDUG1IwdpsDlP1_2-83jmTrdaNO_y6F11MzZUKiYA-o":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2025-68027","hydra-booking-unauthenticated-privilege-escalation","Hydra Booking \u003C= 1.1.32 - Unauthenticated Privilege Escalation","The Hydra Booking — Appointment Scheduling & Booking Calendar plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.32. This makes it possible for unauthenticated attackers to elevate their privileges to that of an administrator.","hydra-booking",null,"\u003C=1.1.32","1.1.33","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Privilege Management","2026-01-21 00:00:00","2026-01-28 16:00:35",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa0998721-7b5e-4657-894c-52dfadde5d4a?source=api-prod",8]