Shared security patch analysis results
AI Used: claude_cli haiku
Comprehensive security analysis generated by AI for each confirmed CVE match. Click on a CVE to view the detailed writeup including vulnerability background, technical details, patch analysis, and PoC guide.
--- cache/wp-hotel-booking_2.2.7/assets/dist/js/frontend/hotel-booking.asset.php 2026-01-19 00:17:19.529921046 +0000+++ cache/wp-hotel-booking_2.2.8/assets/dist/js/frontend/hotel-booking.asset.php 2026-01-19 00:19:41.450721927 +0000@@ -1 +1 @@-<?php return array('dependencies' => array(), 'version' => 'bdc62b67782a34752e70');+<?php return array('dependencies' => array(), 'version' => '860310930a02493ba34e');
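Review bot: nothing to flag in this hunk; it only replaces the asset manifest's `version` hash (`bdc62b67782a34752e70` to `860310930a02493ba34e`), which is build output used for cache busting. It does not touch the `hotel_booking_fetch_customer_info` handler named in the advisory text on this page, so the capability-check fix has to be looked for in `includes/class-wphb-ajax.php`, not here.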
I'll analyze the provided code diff for security vulnerabilities.

**Analysis of hotel-booking.asset.php diff:**

Vulnerability Existed: no

**Explanation:**

This diff shows only a version string update in a PHP asset manifest file. The change is:

- Old version: `'bdc62b67782a34752e70'`
- New version: `'860310930a02493ba34e'`

This is a routine version hash update for cache busting purposes and does not introduce or fix any security vulnerabilities. The file structure, PHP syntax, and functionality remain identical. Asset version hashes are typically generated automatically by build tools and are meant to invalidate browser caches when assets change.

**Conclusion:**

No security vulnerabilities are present in this diff. This is a benign version update with no security implications.
The WP Hotel Booking plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.7. This is due to the plugin exposing the 'hotel_booking_fetch_customer_info' AJAX action to unauthenticated users without proper capability checks, relying only on a nonce for protection. This makes it possible for unauthenticated attackers to retrieve sensitive customer information including full names, addresses, phone numbers, and email addresses by providing a valid email address and a publicly accessible nonce.
--- cache/wp-hotel-booking_2.2.7/assets/dist/js/frontend/hotel-booking.min.asset.php 2026-01-19 00:17:19.533921294 +0000+++ cache/wp-hotel-booking_2.2.8/assets/dist/js/frontend/hotel-booking.min.asset.php 2026-01-19 00:19:41.454722175 +0000@@ -1 +1 @@-<?php return array('dependencies' => array(), 'version' => '5481565f3c653226ec4a');+<?php return array('dependencies' => array(), 'version' => '89254d5edb5ad3927ae8');
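Review bot: same situation as the unminified manifest above, a `version` hash swap (`5481565f3c653226ec4a` to `89254d5edb5ad3927ae8`) with no security relevance; consider excluding generated `*.asset.php` files from patch-review diffs so they do not dilute the review of the files that carry the actual fix.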
Vulnerability Existed: no
No Vulnerability Detected - [N/A] - [assets/dist/js/frontend/hotel-booking.min.asset.php] [Lines 1]
[Old Code]
<?php return array('dependencies' => array(), 'version' => '5481565f3c653226ec4a');
[Fixed Code]
<?php return array('dependencies' => array(), 'version' => '89254d5edb5ad3927ae8');
Explanation:
This diff shows only a version hash update in an asset manifest file. The change is from one hash string to another (5481565f3c653226ec4a → 89254d5edb5ad3927ae8), which is a routine cache-busting update. There are no security vulnerabilities introduced or fixed here. The file structure remains identical, no new code paths are added, no sanitization or validation changes occur, and no security-relevant logic is modified. This is a standard build artifact update with no security implications.
--- cache/wp-hotel-booking_2.2.7/includes/TemplateHooks/ArchiveRoomTemplate.php 2026-01-19 00:17:19.609926008 +0000+++ cache/wp-hotel-booking_2.2.8/includes/TemplateHooks/ArchiveRoomTemplate.php 2026-01-19 00:19:41.630733087 +0000@@ -1,313 +1,313 @@-<?php-/**- * Template archive rooms- *- * @since 2.1.8- * @version 1.0.0- */--namespace WPHB\TemplateHooks;--use Exception;-use WPHB\Helpers\Singleton;-use WPHB\Helpers\Template;-use WPHB_Settings;--class ArchiveRoomTemplate {- use Singleton;-- public function init() {- add_action( 'wphb/list-rooms/layout', array( $this, 'layout_rooms' ), 10, 1 );- }-- public function layout_rooms( $atts = array() ) {- try {- $rooms_html_wrapper = apply_filters(- 'wphb/list-rooms/layout/wrapper',- array(- '<div class="container room-container">' => '</div>',- )- );-- $rooms_content = static::render_rooms();- echo Template::instance()->nest_elements( $rooms_html_wrapper, $rooms_content );- } catch ( Exception $e ) {- echo 'Error: ' . $e->getMessage();- }- }-- /**- * Render template list rooms with settings param.- * - *- * @return string- */- public static function render_rooms() {- global $wp_query;- if ( $wp_query->is_tax( 'hb_room_type' ) ) {- $room_type = $wp_query->queried_object_id;- } else {- $room_type = hb_get_request( 'room_type', '' );- }- $paged = get_query_var( 'paged' ) ?: hb_get_request( 'paged', 1, 'int' );- $atts = array(- 'check_in_date' => hb_get_request( 'check_in_date', date( 'Y/m/d' ) ),- 'check_out_date' => hb_get_request( 'check_out_date', date( 'Y/m/d', strtotime( '+1 day' ) ) ),- 'adults' => hb_get_request( 'adults', 1 ),- 'max_child' => hb_get_request( 'max_child', 0 ),- 'room_qty' => hb_get_request( 'room_qty', 1 ),- 'widget_search' => false,- 'hb_page' => $paged,- 'min_price' => hb_get_request( 'min_price', 0 ),- 'max_price' => hb_get_request( 'max_price', '' ),- 'rating' => hb_get_request( 'rating', '' ),- 'room_type' => $room_type,- 'sort_by' => hb_get_request( 'sort_by', '' ),- );-- $results = 
hb_search_rooms( $atts );- $max_num_pages = 0;- if ( empty( $results ) || empty( $results['data'] ) ) {- $rooms = array();- $total = 0;- $paged = 1;-- $posts_per_page = (int) apply_filters( 'hb_number_search_rooms_per_page', WPHB_Settings::instance()->get( 'posts_per_page', 8 ) );- } else {- $rooms = $results['data'];- $total = $results['total'];- $paged = $results['page'];-- $posts_per_page = $results['posts_per_page'];- $max_num_pages = $results['max_num_pages'];- }-- // HTML section rooms.- $html_rooms = '';-- ob_start();- if ( empty( $rooms ) ) {- _e( 'No room found', 'wp-hotel-booking' );- } else {- hotel_booking_room_loop_start();- foreach ($rooms as $room) {- global $post;- $post = get_post($room->ID);- setup_postdata($post);- hb_get_template_part( 'content', 'room' );- }- hotel_booking_room_loop_end();- wp_reset_postdata();- }-- $html_rooms = ob_get_clean();- // end HTML section rooms-- // HTML Sort By- $sort_by = hb_get_request( 'sort_by' );-- $data = array(- 'sort_by' => $sort_by,- );-- if ( $total ) {- $data['show_number'] = hb_get_show_room_text(- array(- 'paged' => $paged,- 'total' => $total,- 'item_per_page' => $posts_per_page,- )- );- }-- $sort_by = hb_get_template_content( 'search/v2/sort-by.php', compact( 'data' ) );-- // html pagination- $data_pagination = array(- 'total_pages' => $max_num_pages,- 'paged' => $paged,- );- $html_pagination = static::instance()->html_pagination( $data_pagination );-- // section_rooms- $section_rooms = apply_filters(- 'wbhb/layout/list-rooms/section/rooms',- array(- 'wrapper' => '<div class="room-content">',- 'sort_by' => $sort_by,- 'rooms' => $html_rooms,- 'pagination' => $html_pagination,- 'wrapper_end' => '</div>',- ),- $results,- $atts- );-- // check show filter- if ( get_option( 'tp_hotel_booking_filter_price_enable', 1 ) ) {- $filter = hb_get_template_content( 'search/v2/search-filter-v2.php', array( 'atts' => array() ) );- } else {- $filter = '';- }- $check_room_availability = 
static::instance()->check_room_availability( $atts );- // section ( filter + section_rooms )- $section = apply_filters(- 'wbhb/layout/list-rooms/section',- array(- 'check_availability' => $check_room_availability,- 'archive_content' => '<div>',- 'filter' => $filter,- 'rooms' => Template::combine_components( $section_rooms ),- 'archive_content_end' => '</div>',- ),- $rooms,- $atts- );-- $content = Template::combine_components( $section );-- return $content;- }-- /**- * Pagination- * support pagination number- * any support other type pagination add here- *- * @param array $data- *- * @return string- */- public function html_pagination( array $data = array() ): string {- if ( empty( $data['total_pages'] ) || $data['total_pages'] <= 1 ) {- return '';- }-- $html_wrapper = array(- ' <nav class="rooms-pagination">' => '</nav>',- );-- $pagination = paginate_links(- apply_filters(- 'hb_pagination_args',- array(- 'base' => esc_url_raw( str_replace( 999999999, '%#%', get_pagenum_link( 999999999, false ) ) ),- 'format' => '',- 'add_args' => '',- 'current' => max( 1, $data['paged'] ?? 1 ),- 'total' => $data[ 'total_pages' ?? 
1 ],- 'prev_text' => __( 'Previous', 'wp-hotel-booking' ),- 'next_text' => __( 'Next', 'wp-hotel-booking' ),- 'type' => 'list',- 'end_size' => 3,- 'mid_size' => 3,- )- )- );-- return Template::instance()->nest_elements( $html_wrapper, $pagination );- }-- public function check_room_availability( $atts ) {- $title = sprintf( '<h3>%s</h3>', __( 'Check avaibility', 'wp-hotel-booking' ) );- $check_in_date = hb_get_request( 'check_in_date', date( 'Y/m/d' ) );- $check_out_date = hb_get_request( 'check_out_date', date( 'Y/m/d', strtotime( '+1 day' ) ) );- $adults = hb_get_request( 'adults', 1 );- $max_child = hb_get_request( 'max_child', 0 );- $room_qty = hb_get_request( 'room_qty', 1 );-- $check_in_date_html = $this->date_field( __( 'Check-in Date', 'wp-hotel-booking' ), 'check_in_date', $atts['check_in_date'] );- $check_out_date_html = $this->date_field( __( 'Check-out Date', 'wp-hotel-booking' ), 'check_out_date', $atts['check_out_date'] );- $adults_html = $this->dropdown_selector(- __( 'Adults', 'wp-hotel-booking' ),- 'adults_capacity',- $atts['adults']- );- $child_html = $this->dropdown_selector(- __( 'Children', 'wp-hotel-booking' ),- 'max_child',- $atts['max_child'],- 0- );- $quantity_html = $this->dropdown_selector(- __( 'Rooms', 'wp-hotel-booking' ),- 'room_qty',- $atts['room_qty'],- );- $button_html = sprintf( '<div class="hb-form-field-input"><button type="submit" class="rooms-check-avaibility">%s</button></div>', __( 'Check avaibility', 'wp-hotel-booking' ) );-- $sections = apply_filters(- 'wbhb/layout/list-rooms/section/check-availability-form',- array(- 'wrapper' => '<div class="hotel-booking-rooms-search">',- 'title' => $title,- 'form_start' => '<form name="hb-search-form" class="hb-search-form hb-form-table" >',- 'check_in_date' => $check_in_date_html,- 'check_out_date' => $check_out_date_html,- 'adults_capacity' => $adults_html,- 'child_capacity' => $child_html,- 'quantity' => $quantity_html,- 'button_search' => $button_html,- 'form_end' => '</form>',- 
'wrapper_end' => '</div>',- ),- $atts- );- return Template::combine_components( $sections );- }-- public function date_field( $label = '', $name = '', $value = '' ) {- $label_html = sprintf( '<label>%s</label>', $label );- $input = sprintf(- '<input type="text" name="%1$s" class="hb_input_date_check" value="%2$s" placeholder="%3$s" autocomplete="off"/>',- $name,- $value,- $label- );- $sections = array(- 'wrapper' => '<div class="hb-form-field-input">',- 'label' => $label_html,- 'input' => $input,- 'wrapper_end' => '</div>',- );- return Template::combine_components( $sections );- }-- public function dropdown_selector( $label = '', $name = '', $value = 1, $min = 1 ) {-- $label = sprintf( '<label>%s</label>', $label );- $input_html = sprintf(- '<div class="hb-form-field-input hb-input-field-number">- <input type="number" step="1" min="%1$d" name="%2$s" value="%3$s" />- </div>',- $min, $name, $value- );- $nav_number_html = sprintf(- '<div class="hb-form-field-list nav-number-input-field">- <span class="label">%s</span>- <div class="number-box">- <span class="number-icons hb-goDown"><i class="fa fa-minus"></i></span>- <span class="hb-number-field-value">- </span>- <span class="number-icons hb-goUp"><i class="fa fa-plus"></i></span>- </div>- </div>',- $label- );-- $sections = apply_filters(- 'wbhb/layout/list-rooms/check-availability-form/number-input',- array(- //sửa sang wrapper này để theme hiển thị dạng +/- - // 'wrapper' => '<div class="hb-form-field hb-form-number hb-form-number-input">', - 'wrapper' => '<div class="hb-form-field hb-form-number">',- 'label' => $label,- 'input' => $input_html,- 'nav_number' => $nav_number_html,- 'wrapper_end' => '</div>',- )- );-- return Template::combine_components( $sections );- }-}+<?php +/** + * Template archive rooms + * + * @since 2.1.8 + * @version 1.0.0 + */ + +namespace WPHB\TemplateHooks; + +use Exception; +use WPHB\Helpers\Singleton; +use WPHB\Helpers\Template; +use WPHB_Settings; + +class ArchiveRoomTemplate { + use 
Singleton; + + public function init() { + add_action( 'wphb/list-rooms/layout', array( $this, 'layout_rooms' ), 10, 1 ); + } + + public function layout_rooms( $atts = array() ) { + try { + $rooms_html_wrapper = apply_filters( + 'wphb/list-rooms/layout/wrapper', + array( + '<div class="container room-container">' => '</div>', + ) + ); + + $rooms_content = static::render_rooms(); + echo Template::instance()->nest_elements( $rooms_html_wrapper, $rooms_content ); + } catch ( Exception $e ) { + echo 'Error: ' . $e->getMessage(); + } + } + + /** + * Render template list rooms with settings param. + * + * + * @return string + */ + public static function render_rooms() { + global $wp_query; + if ( $wp_query->is_tax( 'hb_room_type' ) ) { + $room_type = $wp_query->queried_object_id; + } else { + $room_type = hb_get_request( 'room_type', '' ); + } + $paged = get_query_var( 'paged' ) ?: hb_get_request( 'paged', 1, 'int' ); + $atts = array( + 'check_in_date' => hb_get_request( 'check_in_date', date( 'Y/m/d' ) ), + 'check_out_date' => hb_get_request( 'check_out_date', date( 'Y/m/d', strtotime( '+1 day' ) ) ), + 'adults' => hb_get_request( 'adults', 1 ), + 'max_child' => hb_get_request( 'max_child', 0 ), + 'room_qty' => hb_get_request( 'room_qty', 1 ), + 'widget_search' => false, + 'hb_page' => $paged, + 'min_price' => hb_get_request( 'min_price', 0 ), + 'max_price' => hb_get_request( 'max_price', '' ), + 'rating' => hb_get_request( 'rating', '' ), + 'room_type' => $room_type, + 'sort_by' => hb_get_request( 'sort_by', 'date-desc' ), + ); + + $results = hb_search_rooms( $atts ); + $max_num_pages = 0; + if ( empty( $results ) || empty( $results['data'] ) ) { + $rooms = array(); + $total = 0; + $paged = 1; + + $posts_per_page = (int) apply_filters( 'hb_number_search_rooms_per_page', WPHB_Settings::instance()->get( 'posts_per_page', 8 ) ); + } else { + $rooms = $results['data']; + $total = $results['total']; + $paged = $results['page']; + + $posts_per_page = 
$results['posts_per_page']; + $max_num_pages = $results['max_num_pages']; + } + + // HTML section rooms. + $html_rooms = ''; + + ob_start(); + if ( empty( $rooms ) ) { + _e( 'No room found', 'wp-hotel-booking' ); + } else { + hotel_booking_room_loop_start(); + foreach ($rooms as $room) { + global $post; + $post = get_post($room->ID); + setup_postdata($post); + hb_get_template_part( 'content', 'room' ); + } + hotel_booking_room_loop_end(); + wp_reset_postdata(); + } + + $html_rooms = ob_get_clean(); + // end HTML section rooms + + // HTML Sort By + $sort_by = hb_get_request( 'sort_by' ); + + $data = array( + 'sort_by' => $sort_by, + ); + + if ( $total ) { + $data['show_number'] = hb_get_show_room_text( + array( + 'paged' => $paged, + 'total' => $total, + 'item_per_page' => $posts_per_page, + ) + ); + } + + $sort_by = hb_get_template_content( 'search/v2/sort-by.php', compact( 'data' ) ); + + // html pagination + $data_pagination = array( + 'total_pages' => $max_num_pages, + 'paged' => $paged, + ); + $html_pagination = static::instance()->html_pagination( $data_pagination ); + + // section_rooms + $section_rooms = apply_filters( + 'wbhb/layout/list-rooms/section/rooms', + array( + 'wrapper' => '<div class="room-content">', + 'sort_by' => $sort_by, + 'rooms' => $html_rooms, + 'pagination' => $html_pagination, + 'wrapper_end' => '</div>', + ), + $results, + $atts + ); + + // check show filter + if ( get_option( 'tp_hotel_booking_filter_price_enable', 1 ) ) { + $filter = hb_get_template_content( 'search/v2/search-filter-v2.php', array( 'atts' => array() ) ); + } else { + $filter = ''; + } + $check_room_availability = static::instance()->check_room_availability( $atts ); + // section ( filter + section_rooms ) + $section = apply_filters( + 'wbhb/layout/list-rooms/section', + array( + 'check_availability' => $check_room_availability, + 'archive_content' => '<div>', + 'filter' => $filter, + 'rooms' => Template::combine_components( $section_rooms ), + 'archive_content_end' 
=> '</div>', + ), + $rooms, + $atts + ); + + $content = Template::combine_components( $section ); + + return $content; + } + + /** + * Pagination + * support pagination number + * any support other type pagination add here + * + * @param array $data + * + * @return string + */ + public function html_pagination( array $data = array() ): string { + if ( empty( $data['total_pages'] ) || $data['total_pages'] <= 1 ) { + return ''; + } + + $html_wrapper = array( + ' <nav class="rooms-pagination">' => '</nav>', + ); + + $pagination = paginate_links( + apply_filters( + 'hb_pagination_args', + array( + 'base' => esc_url_raw( str_replace( 999999999, '%#%', get_pagenum_link( 999999999, false ) ) ), + 'format' => '', + 'add_args' => '', + 'current' => max( 1, $data['paged'] ?? 1 ), + 'total' => $data[ 'total_pages' ?? 1 ], + 'prev_text' => __( 'Previous', 'wp-hotel-booking' ), + 'next_text' => __( 'Next', 'wp-hotel-booking' ), + 'type' => 'list', + 'end_size' => 3, + 'mid_size' => 3, + ) + ) + ); + + return Template::instance()->nest_elements( $html_wrapper, $pagination ); + } + + public function check_room_availability( $atts ) { + $title = sprintf( '<h3>%s</h3>', __( 'Check avaibility', 'wp-hotel-booking' ) ); + $check_in_date = hb_get_request( 'check_in_date', date( 'Y/m/d' ) ); + $check_out_date = hb_get_request( 'check_out_date', date( 'Y/m/d', strtotime( '+1 day' ) ) ); + $adults = hb_get_request( 'adults', 1 ); + $max_child = hb_get_request( 'max_child', 0 ); + $room_qty = hb_get_request( 'room_qty', 1 ); + + $check_in_date_html = $this->date_field( __( 'Check-in Date', 'wp-hotel-booking' ), 'check_in_date', $atts['check_in_date'] ); + $check_out_date_html = $this->date_field( __( 'Check-out Date', 'wp-hotel-booking' ), 'check_out_date', $atts['check_out_date'] ); + $adults_html = $this->dropdown_selector( + __( 'Adults', 'wp-hotel-booking' ), + 'adults_capacity', + $atts['adults'] + ); + $child_html = $this->dropdown_selector( + __( 'Children', 'wp-hotel-booking' ), + 
'max_child', + $atts['max_child'], + 0 + ); + $quantity_html = $this->dropdown_selector( + __( 'Rooms', 'wp-hotel-booking' ), + 'room_qty', + $atts['room_qty'], + ); + $button_html = sprintf( '<div class="hb-form-field-input"><button type="submit" class="rooms-check-avaibility">%s</button></div>', __( 'Check avaibility', 'wp-hotel-booking' ) ); + + $sections = apply_filters( + 'wbhb/layout/list-rooms/section/check-availability-form', + array( + 'wrapper' => '<div class="hotel-booking-rooms-search">', + 'title' => $title, + 'form_start' => '<form name="hb-search-form" class="hb-search-form hb-form-table" >', + 'check_in_date' => $check_in_date_html, + 'check_out_date' => $check_out_date_html, + 'adults_capacity' => $adults_html, + 'child_capacity' => $child_html, + 'quantity' => $quantity_html, + 'button_search' => $button_html, + 'form_end' => '</form>', + 'wrapper_end' => '</div>', + ), + $atts + ); + return Template::combine_components( $sections ); + } + + public function date_field( $label = '', $name = '', $value = '' ) { + $label_html = sprintf( '<label>%s</label>', $label ); + $input = sprintf( + '<input type="text" name="%1$s" class="hb_input_date_check" value="%2$s" placeholder="%3$s" autocomplete="off"/>', + $name, + $value, + $label + ); + $sections = array( + 'wrapper' => '<div class="hb-form-field-input">', + 'label' => $label_html, + 'input' => $input, + 'wrapper_end' => '</div>', + ); + return Template::combine_components( $sections ); + } + + public function dropdown_selector( $label = '', $name = '', $value = 1, $min = 1 ) { + + $label = sprintf( '<label>%s</label>', $label ); + $input_html = sprintf( + '<div class="hb-form-field-input hb-input-field-number"> + <input type="number" step="1" min="%1$d" name="%2$s" value="%3$s" /> + </div>', + $min, $name, $value + ); + $nav_number_html = sprintf( + '<div class="hb-form-field-list nav-number-input-field"> + <span class="label">%s</span> + <div class="number-box"> + <span class="number-icons 
hb-goDown"><i class="fa fa-minus"></i></span> + <span class="hb-number-field-value"> + </span> + <span class="number-icons hb-goUp"><i class="fa fa-plus"></i></span> + </div> + </div>', + $label + ); + + $sections = apply_filters( + 'wbhb/layout/list-rooms/check-availability-form/number-input', + array( + //sửa sang wrapper này để theme hiển thị dạng +/- + // 'wrapper' => '<div class="hb-form-field hb-form-number hb-form-number-input">', + 'wrapper' => '<div class="hb-form-field hb-form-number">', + 'label' => $label, + 'input' => $input_html, + 'nav_number' => $nav_number_html, + 'wrapper_end' => '</div>', + ) + ); + + return Template::combine_components( $sections ); + } +}
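Review bot: the only functional change is the `sort_by` default (`hb_get_request( 'sort_by', '' )` becoming `hb_get_request( 'sort_by', 'date-desc' )`), but it is buried in a 313-line whole-file hunk that otherwise changes only line endings; commit the EOL normalization separately so reviewers can see the one-line diff. Two pre-existing issues carried through unchanged are worth fixing while the file is open. In `html_pagination()`, `'total' => $data[ 'total_pages' ?? 1 ]` puts the null-coalescing operator inside the array index, so it always evaluates `$data['total_pages']` and never falls back to 1; the intended form is `$data['total_pages'] ?? 1`. In `date_field()` and `dropdown_selector()`, request-derived values (`$atts['check_in_date']`, `$atts['check_out_date']`, `$atts['adults']`, ...) are interpolated into `value="%2$s"` / `value="%3$s"` attributes via `sprintf` with no `esc_attr()` call visible; unless `hb_get_request()` already returns attribute-safe strings (not shown in this hunk), wrap those with `esc_attr( $value )`. Minor: `check_room_availability()` reads `$check_in_date`, `$check_out_date`, `$adults`, `$max_child` and `$room_qty` from the request and never uses them, and `'Check avaibility'` is misspelled in a translatable string.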
Vulnerability Existed: no
[No vulnerability detected] - [N/A] - includes/TemplateHooks/ArchiveRoomTemplate.php [Lines 1-313]
[Old Code]
'sort_by' => hb_get_request( 'sort_by', '' ),
[Fixed Code]
'sort_by' => hb_get_request( 'sort_by', 'date-desc' ),
Explanation:
This diff shows only a line-ending normalization (LF vs CRLF conversion) and a single functional change on line 67. The functional change provides a default value of 'date-desc' instead of an empty string for the 'sort_by' parameter. This is a defensive programming improvement but not a security vulnerability fix. The change prevents potential undefined behavior when sort_by is empty, but the underlying code does not contain exploitable security flaws. The application logic relies on the `hb_get_request()` function and downstream template handling to process this value safely. No SQL injection, XSS, CSRF, or other OWASP Top 10 vulnerabilities are introduced or fixed in this diff.
--- cache/wp-hotel-booking_2.2.7/includes/class-wphb-ajax.php 2026-01-19 00:17:19.593925016 +0000+++ cache/wp-hotel-booking_2.2.8/includes/class-wphb-ajax.php 2026-01-19 00:19:41.570729367 +0000@@ -1,919 +1,919 @@-<?php-/**- * WP Hotel Booking ajax.- *- * @version 1.9.6- * @author ThimPress- * @package WP_Hotel_Booking/Classes- * @category Classes- * @author Thimpress, leehld- */--/**- * Prevent loading this file directly- */-defined( 'ABSPATH' ) || exit;--/**- * Class WPHB_Ajax- */-class WPHB_Ajax {-- /**- * @var bool- */- protected static $_loaded = false;-- /**- * Constructor- */- function __construct() {- if ( self::$_loaded ) {- return;- }-- $ajax_actions = array(- 'fetch_customer_info' => true,- 'place_order' => true,- 'load_room_type_galley' => false,- 'parse_search_params' => true,- 'parse_booking_params' => true,- 'apply_coupon' => true,- 'remove_coupon' => true,- 'ajax_add_to_cart' => true,- 'add_extra_to_cart' => true,- 'ajax_remove_item_cart' => true,- 'load_order_user' => false,- 'load_room_ajax' => false,- 'check_room_available' => false,- 'load_order_item' => false,- 'load_coupon_ajax' => false,- 'admin_add_order_item' => false,- 'admin_remove_order_item' => false,- 'admin_remove_order_items' => false,- 'add_coupon_to_order' => false,- 'remove_coupon_on_order' => false,- 'load_other_full_calendar' => false,- 'dismiss_notice' => true,- 'create_pages' => false,- );-- foreach ( $ajax_actions as $action => $priv ) {- add_action( "wp_ajax_hotel_booking_{$action}", array( __CLASS__, $action ) );- if ( $priv ) {- add_action( "wp_ajax_nopriv_hotel_booking_{$action}", array( __CLASS__, $action ) );- }- }- self::$_loaded = true;- }-- /**- * It creates a page- */- static function create_pages() {- $response = array(- 'code' => 0,- 'message' => '',- );-- if ( ! 
current_user_can( 'edit_pages' ) || empty( $_POST['page_name'] ) ) {- $response['message'] = __( 'Request invalid', 'wp-hotel-booking' );- hb_send_json( $response );- }-- $page_name = WPHB_Helpers::sanitize_params_submitted( $_POST['page_name'] );-- if ( $page_name ) {- $args = array(- 'post_type' => 'page',- 'post_title' => $page_name,- 'post_status' => 'publish',- );-- $page_id = wp_insert_post( $args );-- if ( $page_id ) {- $response['code'] = 1;- $response['message'] = 'create page success';- $response['page'] = get_post( $page_id );- $response['html'] = '<a href="' . get_edit_post_link( $page_id ) . '" target="_blank">' . __( 'Edit Page', 'wp-hotel-booking' ) . '</a> ';- $response['html'] .= '<a href="' . get_permalink( $page_id ) . '" target="_blank">' . __( 'View Page', 'wp-hotel-booking' ) . '</a>';- } else {- $response['error'] = __( 'Error! Page creation failed. Please try again.', 'wp-hotel-booking' );- }- } else {- $response['error'] = __( 'Empty page name!', 'wp-hotel-booking' );- }-- wp_send_json( $response );- die;- }-- /**- * Add extra to cart action.- */- public static function add_extra_to_cart() {-- if ( ! check_ajax_referer( 'hb_select_extra_nonce_action', 'nonce' ) ) {- return;- }-- $cart_id = sanitize_text_field( wp_unslash( $_POST['cart_id'] ) );- if ( ! 
$cart_id ) {- hb_send_json(- array(- 'status' => 'warning',- 'message' => __( 'Cart ID is invalid.', 'wp-hotel-booking' ),- )- );- }-- $cart = WPHB_Cart::instance();- $extra_cart = HB_Extra_Cart::instance();- $cart_item = $cart->get_cart_item( $cart_id );-- if ( isset( $_POST['hb_optional_quantity_selected'] ) ) {- $selected = WPHB_Helpers::sanitize_params_submitted( $_POST['hb_optional_quantity_selected'] );- $extra_qty = WPHB_Helpers::sanitize_params_submitted( $_POST['hb_optional_quantity'] );-- foreach ( $selected as $extra_id => $select ) {- if ( $select == 'on' && $cart_item ) {- $extra_cart->ajax_added_cart(- $cart_id,- array(- 'hb_optional_quantity' => array( $extra_id => $extra_qty[ $extra_id ] ),- 'hb_optional_quantity_selected' => array( $extra_id => 'on' ),- ),- );- }- }- }- $cart_url = hb_get_cart_url();-- $pageRedirect = WPHB_Settings::instance()->getPageRedirect();-- if ( $pageRedirect == '' ) {- $pageRedirect = $cart_url;- }-- hb_send_json(- array(- 'status' => 'success',- 'redirect' => $pageRedirect,- )- );- }--- /**- * Dismiss remove TP Hotel Booking plugin notice- */- static function dismiss_notice() {- if ( empty( hb_get_request( 'nonce', false ) )- || ! wp_verify_nonce( hb_get_request( 'nonce' ), 'hb_booking_nonce_action' ) ) {- wp_die();- }-- if ( is_multisite() ) {- update_site_option( 'wphb_notice_remove_hotel_booking', 1 );- } else {- update_option( 'wphb_notice_remove_hotel_booking', 1 );- }- wp_send_json(- array(- 'status' => 'done',- )- );- }-- /**- * Fetch customer information with user email- */- static function fetch_customer_info() {- if ( empty( hb_get_request( 'nonce', false ) )- || ! wp_verify_nonce( hb_get_request( 'nonce' ), 'hb_booking_nonce_action' ) ) {- die();- }- $email = hb_get_request( 'email' );- $args = array(- 'post_type' => 'hb_booking',- 'meta_key' => '_hb_customer_email',- 'meta_value' => $email,- 'post_status' => 'any',- );- // set_transient( 'hotel_booking_customer_email_' . 
WPHB_BLOG_ID, $email, DAY_IN_SECONDS );- WP_Hotel_Booking::instance()->cart->set_customer( 'customer_email', $email );- if ( $posts = get_posts( $args ) ) {- $customer = $posts[0];- $customer->data = array();- $data = get_post_meta( $customer->ID );- foreach ( $data as $k => $v ) {- $customer->data[ $k ] = $v[0];- }- } else {- $customer = null;- }- hb_send_json( $customer );- die();- }-- /**- * Process the order with customer information posted via form- *- * @throws Exception- */- static function place_order() {- hb_customer_place_order();- }-- /**- * Get all images for a room type- */- static function load_room_type_galley() {- $term_id = hb_get_request( 'term_id' );- $attachment_ids = get_option( 'hb_taxonomy_thumbnail_' . $term_id );- $attachments = array();- if ( $attachment_ids ) {- foreach ( $attachment_ids as $id ) {- $attachment = wp_get_attachment_image_src( $id, 'thumbnail' );- $attachments[] = array(- 'id' => $id,- 'src' => $attachment[0],- );- }- }- hb_send_json( $attachments );- }-- /**- * Catch variables via post method and build a request param- */- static function parse_search_params() {- check_ajax_referer( 'hb_search_nonce_action', '_nonce' );- $params = array(- 'hotel-booking' => hb_get_request( 'hotel-booking' ),- 'check_in_date' => hb_get_request( 'check_in_date' ),- 'check_out_date' => hb_get_request( 'check_out_date' ),- 'hb_check_in_date' => hb_get_request( 'hb_check_in_date' ),- 'hb_check_out_date' => hb_get_request( 'hb_check_out_date' ),- 'adults' => hb_get_request( 'adults_capacity' ),- 'max_child' => hb_get_request( 'max_child' ),- );-- $return = apply_filters(- 'hotel_booking_parse_search_param',- array(- 'success' => 1,- 'sig' => base64_encode( wp_json_encode( $params ) ),- 'params' => $params,- )- );- hb_send_json( $return );- }-- static function apply_coupon() {- ! session_id() && session_start( array( 'read_and_close' => true ) );- $code = hb_get_request( 'code' );- if ( empty( hb_get_request( 'nonce', false ) )- || ! 
wp_verify_nonce( hb_get_request( 'nonce' ), 'hb_booking_nonce_action' ) ) {- wp_die( __( 'Require Nonce!', 'wp-hotel-booking' ) );- }- ob_start();- $today = strtotime( date( 'm/d/Y' ) );- $coupon = hb_get_coupons_active( $today, $code );-- $output = ob_get_clean();- $response = array();- if ( $coupon ) {- $coupon = HB_Coupon::instance( $coupon );- $response = $coupon->validate();- if ( $response['is_valid'] ) {- $response['result'] = 'success';- $response['type'] = get_post_meta( $coupon->ID, '_hb_coupon_discount_type', true );- $response['value'] = get_post_meta( $coupon->ID, '_hb_coupon_discount_value', true );- // set session- WP_Hotel_Booking::instance()->cart->set_customer( 'coupon', $coupon->post->ID );- hb_add_message( __( 'Coupon code applied', 'wp-hotel-booking' ) );- }- } else {- $response['message'] = __( 'Coupon does not exist!', 'wp-hotel-booking' );- }- hb_send_json(- $response- );- }-- static function remove_coupon() {- ! session_id() && session_start( array( 'read_and_close' => true ) );- // delete_transient( 'hb_user_coupon_' . session_id() );- WP_Hotel_Booking::instance()->cart->set_customer( 'coupon', null );- hb_add_message( __( 'Coupon code removed', 'wp-hotel-booking' ) );- hb_send_json(- array(- 'result' => 'success',- )- );- }-- static function parse_booking_params() {-- check_ajax_referer( 'hb_booking_nonce_action', 'nonce' );-- $check_in = hb_get_request( 'check_in_date' );- $check_out = hb_get_request( 'check_out_date' );- $num_of_rooms = hb_get_request( 'hb-num-of-rooms' );-- $params = array(- 'hotel-booking' => hb_get_request( 'hotel-booking' ),- 'check_in_date' => $check_in,- 'check_out_date' => $check_out,- 'hb-num-of-rooms' => $num_of_rooms,- );-- // print_r($params);- hb_send_json(- array(- 'success' => 1,- 'sig' => base64_encode( serialize( $params ) ),- )- );- }-- static function ajax_add_to_cart() {- $res = new WPHB_REST_Response();-- try {- if ( ! 
check_ajax_referer( 'hb_booking_nonce_action', 'nonce' ) ) {- throw new Exception( __( 'Invalid request', 'wp-hotel-booking' ) );- }-- $qty = WPHB_Helpers::get_param( 'hb-num-of-rooms', 1, 'int' );- $room_id = WPHB_Helpers::get_param( 'room-id', 0, 'int' );- $check_in_date = WPHB_Helpers::get_param( 'check_in_date' );- $check_out_date = WPHB_Helpers::get_param( 'check_out_date' );- $adult_qty = WPHB_Helpers::get_param( 'adult_qty', 1, 'int' );- $child_qty = WPHB_Helpers::get_param( 'child_qty', 0, 'int' );-- $from_check_dates_room = WPHB_Helpers::get_param( 'from-check-dates-room', 0, 'int' );-- if ( ! $room_id ) {- throw new Exception( __( 'Room ID is invalid.', 'wp-hotel-booking' ) );- }-- $room = get_post( $room_id );- if ( ! $room || ! is_a( $room, 'WP_POST' ) || $room->post_type != 'hb_room' ) {- throw new Exception( __( 'Room ID is not exists.', 'wp-hotel-booking' ) );- }-- $available_qty = hotel_booking_get_room_available(- $room_id,- array(- 'check_in_date' => $check_in_date,- 'check_out_date' => $check_out_date,- )- );- if ( is_wp_error( $available_qty ) ) {- throw new Exception( $available_qty->get_error_message() );- } elseif ( $qty > $available_qty ) {- $message = sprintf( __( 'You can only book up to %d rooms' ), $available_qty );- throw new Exception( $message );- }-- // Add to cart- $params = array(- 'product_id' => $room_id,- 'check_in_date' => $check_in_date,- 'check_out_date' => $check_out_date,- 'adult_qty' => $adult_qty,- 'child_qty' => $child_qty,- );-- $cart_item_id = WP_Hotel_Booking::instance()->cart->add_to_cart( $room_id, $params, $qty );- if ( ! 
is_wp_error( $cart_item_id ) ) {- $cart_item = WP_Hotel_Booking::instance()->cart->get_cart_item( $cart_item_id );- $room = $cart_item->product_data;- $pageRedirect = WPHB_Settings::instance()->getPageRedirect();-- // Check to add extra- $hb_optional_quantity_selected = WPHB_Helpers::get_param( 'hb_optional_quantity_selected', [] );- $hb_optional_quantity = WPHB_Helpers::get_param( 'hb_optional_quantity', [] );- if ( ! empty( $hb_optional_quantity_selected ) && ! empty( $hb_optional_quantity ) && $cart_item ) {- $extra_cart = HB_Extra_Cart::instance();- foreach ( $hb_optional_quantity_selected as $extra_id => $select ) {- $extra_cart->ajax_added_cart(- $cart_item_id,- array(- 'product_id' => $room_id,- 'hb_optional_quantity' => array( $extra_id => $hb_optional_quantity[ $extra_id ] ),- 'hb_optional_quantity_selected' => array( $extra_id => 'on' ),- 'check_in_date' => $check_in_date,- 'check_out_date' => $check_out_date,- )- );- }- }- $res->data->redirect = $pageRedirect;-- $res->status = 'success';- $res->message = sprintf( '<label class="hb_success_message">%1$s</label>', __( 'Added successfully.', 'wp-hotel-booking' ) );- } else {- throw new $cart_item_id->get_error_message();- }- } catch ( Throwable $e ) {- $res->message = $e->getMessage();- }-- wp_send_json( $res );- }-- // remove cart item- static function ajax_remove_item_cart() {- if ( ! check_ajax_referer( 'hb_booking_nonce_action', 'nonce' ) ) {- return;- }-- $cart = WP_Hotel_Booking::instance()->cart;-- if ( empty( $cart->cart_contents ) || ! isset( $_POST['cart_id'] ) || ! 
array_key_exists( sanitize_text_field( wp_unslash( $_POST['cart_id'] ) ), $cart->cart_contents ) ) {- hb_send_json(- array(- 'status' => 'warning',- 'message' => __( 'Cart item is not exists.', 'wp-hotel-booking' ),- )- );- }-- if ( $cart->remove_cart_item( sanitize_text_field( wp_unslash( $_POST['cart_id'] ) ) ) ) {- $return = apply_filters(- 'hotel_booking_ajax_remove_cart_item',- array(- 'status' => 'success',- 'sub_total' => hb_format_price( $cart->sub_total ),- 'grand_total' => hb_format_price( $cart->total ),- 'advance_payment' => hb_format_price( $cart->advance_payment ),- )- );-- hb_send_json( $return );- }- }-- // ajax load user in booking details- static function load_order_user() {- if ( ! isset( $_POST['nonce'] ) || ! wp_verify_nonce( sanitize_key( $_POST['nonce'] ), 'hb_booking_nonce_action' ) || ! isset( $_POST['user_name'] ) ) {- return;- }-- if ( ! current_user_can( 'administrator' ) ) {- return;- }-- $user_name = sanitize_text_field( wp_unslash( $_POST['user_name'] ) );- global $wpdb;- $sql = $wpdb->prepare(- "- SELECT user.ID, user.user_email, user.user_login FROM $wpdb->users AS user- WHERE- user.user_login LIKE %s- ",- '%' . $wpdb->esc_like( $user_name ) . '%'- );-- $users = $wpdb->get_results( $sql );- wp_send_json( $users );- die();- }-- // ajax load room in booking details- static function load_room_ajax() {- if ( ! isset( $_POST['nonce'] ) || ! wp_verify_nonce( sanitize_key( $_POST['nonce'] ), 'hb_booking_nonce_action' ) || ! isset( $_POST['room'] ) ) {- return;- }-- $title = sanitize_text_field( $_POST['room'] );- global $wpdb;- $sql = $wpdb->prepare(- "- SELECT room.ID AS ID, room.post_title AS post_title FROM $wpdb->posts AS room- WHERE- room.post_title LIKE %s- AND room.post_type = %s- AND room.post_status = %s- GROUP BY room.post_name- ",- '%' . $wpdb->esc_like( $title ) . 
'%',- 'hb_room',- 'publish'- );-- $rooms = $wpdb->get_results( $sql );- wp_send_json( $rooms );- die();- }-- // ajax check available room in booking details- static function check_room_available() {-- if ( ! isset( $_POST['hotel-admin-check-room-available'] ) || ! wp_verify_nonce( sanitize_key( $_POST['hotel-admin-check-room-available'] ), 'hotel_admin_check_room_available' ) ) {- return;- }-- // hotel_booking_get_room_available- if ( ! isset( $_POST['product_id'] ) || ! $_POST['product_id'] ) {- wp_send_json(- array(- 'status' => false,- 'message' => __( 'Room not found.', 'wp-hotel-booking' ),- )- );- }-- if ( ! isset( $_POST['check_in_date_timestamp'] ) || ! isset( $_POST['check_out_date_timestamp'] ) ) {- wp_send_json(- array(- 'status' => false,- 'message' => __( 'Please select check in date and checkout date.', 'wp-hotel-booking' ),- )- );- }-- $product_id = absint( $_POST['product_id'] );- $qty = hotel_booking_get_room_available(- $product_id,- array(- 'check_in_date' => sanitize_text_field( wp_unslash( $_POST['check_in_date_timestamp'] ) ),- 'check_out_date' => sanitize_text_field( wp_unslash( $_POST['check_out_date_timestamp'] ) ),- )- );-- if ( $qty && ! is_wp_error( $qty ) ) {-- // HB_Room_Extra instead of HB_Room- $room_extra = HB_Room_Extra::instance( $product_id );-- $room_extra = $room_extra->get_extra();-- $args = apply_filters(- 'hotel_booking_check_room_available',- array(- 'status' => true,- 'qty' => $qty,- 'qty_selected' => isset( $_POST['order_item_id'] ) ? hb_get_order_item_meta( $_POST['order_item_id'], 'qty', true ) : 0,- 'product_id' => $product_id,- 'extra' => $room_extra,- )- );- wp_send_json( $args );- } else {- wp_send_json(- array(- 'status' => false,- 'message' => $qty->get_error_message(),- )- );- }- }-- // ajax load oder item to edit- static function load_order_item() {- if ( ! isset( $_POST['nonce'] ) || ! wp_verify_nonce( sanitize_key( $_POST['nonce'] ), 'hb_booking_nonce_action' ) ) {- return;- }-- if ( ! 
isset( $_POST['order_item_id'] ) ) {- wp_send_json( array() );- }-- $order_id = isset( $_POST['order_id'] ) ? absint( $_POST['order_id'] ) : 0;- $order_item_id = absint( $_POST['order_item_id'] );- $product_id = hb_get_order_item_meta( $order_item_id, 'product_id', true );- $checkin = hb_get_order_item_meta( $order_item_id, 'check_in_date', true );- $checkout = hb_get_order_item_meta( $order_item_id, 'check_out_date', true );-- // extra hook- $args = apply_filters(- 'hotel_booking_admin_load_order_item',- array(- 'status' => true,- 'modal_title' => __( 'Edit order item', 'wp-hotel-booking' ),- 'order_id' => $order_id,- 'order_item_id' => $order_item_id,- 'product_id' => $product_id,- 'room' => array(- 'ID' => $product_id,- 'post_title' => get_the_title( hb_get_order_item_meta( $order_item_id, 'product_id', true ) ),- ),- 'check_in_date' => date_i18n( hb_get_date_format(), $checkin ),- 'check_out_date' => date_i18n( hb_get_date_format(), $checkout ),- 'check_in_date_timestamp' => $checkin,- 'check_out_date_timestamp' => $checkout,- 'qty' => hotel_booking_get_room_available(- $product_id,- array(- 'check_in_date' => $checkin,- 'check_out_date' => $checkout,- 'excerpt' => array( $order_id ),- )- ),- 'qty_selected' => hb_get_order_item_meta( $order_item_id, 'qty', true ),- 'post_type' => get_post_type( $product_id ),- )- );- wp_send_json( $args );- }-- // ajax load coupons code- static function load_coupon_ajax() {- if ( ! isset( $_POST['nonce'] ) || ! 
wp_verify_nonce( sanitize_key( $_POST['nonce'] ), 'hb_booking_nonce_action' ) ) {- return;- }-- $code = sanitize_text_field( wp_unslash( $_POST['coupon'] ) );- $time = time();-- global $wpdb;- $sql = $wpdb->prepare(- "- SELECT coupon.ID, coupon.post_title FROM $wpdb->posts AS coupon- INNER JOIN $wpdb->postmeta AS start ON start.post_id = coupon.ID- INNER JOIN $wpdb->postmeta AS end ON end.post_id = coupon.ID- WHERE- coupon.post_type = %s- AND coupon.post_title LIKE %s- AND coupon.post_status = %s- AND start.meta_key = %s- AND end.meta_key = %s- AND ( start.meta_value <= %d AND end.meta_value >= %d )- ",- 'hb_coupon',- '%' . $wpdb->esc_like( $code ) . '%',- 'publish',- '_hb_coupon_date_from_timestamp',- '_hb_coupon_date_to_timestamp',- $time,- $time- );-- wp_send_json( apply_filters( 'hotel_admin_get_coupons', $wpdb->get_results( $sql ) ) );- }-- // book mamunal add order item- static function admin_add_order_item() {- $result = array(- 'status' => false,- 'message' => __( 'Something when wrong!', 'wp-hotel-booking' ),- );-- if ( ! current_user_can( 'administrator' )- && ! current_user_can( 'wphb_hotel_manager' )- && ! current_user_can( 'wphb_booking_editor' ) ) {- $result['message'] = __( 'Request not valid', 'wp-hotel-booking' );- wp_send_json( $result );- }-- if ( ! isset( $_POST['hotel-admin-check-room-available'] ) || ! wp_verify_nonce( sanitize_key( $_POST['hotel-admin-check-room-available'] ), 'hotel_admin_check_room_available' ) ) {- $result['message'] = __( 'nonce is invalid', 'wp-hotel-booking' );- wp_send_json( $result );- }-- if ( ! isset( $_POST['check_in_date_timestamp'] ) || ! isset( $_POST['check_out_date_timestamp'] ) ) {- $result['message'] = __( 'Date check-in or date check-out is invalid', 'wp-hotel-booking' );- wp_send_json( $result );- }-- $order_id = isset( $_POST['order_id'] ) ? absint( $_POST['order_id'] ) : 0;- $product_id = isset( $_POST['product_id'] ) ? absint( $_POST['product_id'] ) : 0;- $qty = isset( $_POST['qty'] ) ? 
absint( $_POST['qty'] ) : 0;- $check_in_date = absint( $_POST['check_in_date_timestamp'] );- $check_out_date = absint( $_POST['check_out_date_timestamp'] );-- // Check room exist- $room = get_post( $product_id );-- if ( ! is_a( $room, 'WP_POST' ) || ! isset( $room ) || $room->post_type != 'hb_room' ) {- $result['message'] = __( 'Id room is invalid', 'wp-hotel-booking' );- wp_send_json( $result );- }-- if ( ! $qty ) {- $result['message'] = __( 'Can not add item with zero quantity.', 'wp-hotel-booking' );- wp_send_json( $result );- }-- $order_item_id = 0;- if ( isset( $_POST['order_item_id'] ) && $_POST['order_item_id'] ) {- $order_item_id = absint( $_POST['order_item_id'] );- }-- $args = array(- 'order_item_name' => get_the_title( $product_id ),- 'order_item_type' => isset( $_POST['order_item_type'] ) && $_POST['order_item_type'] ? sanitize_title( $_POST['order_item_type'] ) : 'line_item',- 'order_item_parent' => isset( $_POST['order_item_parent'] ) && $_POST['order_item_parent'] ? absint( $_POST['order_item_parent'] ) : null,- );- if ( ! 
$order_item_id ) {- // add new order item- $order_item_id = hb_add_order_item( $order_id, $args );- } else {- // update order item- hb_update_order_item( $order_item_id, $args );- }-- // update order item meta- hb_update_order_item_meta( $order_item_id, 'product_id', $product_id );- hb_update_order_item_meta( $order_item_id, 'check_in_date', $check_in_date );- hb_update_order_item_meta( $order_item_id, 'check_out_date', $check_out_date );- hb_update_order_item_meta( $order_item_id, 'qty', $qty );-- // Addition package- if ( isset( $_POST['sub_items'] ) ) {- hb_update_order_item_meta( $order_item_id, 'addition_package_items', serialize( $_POST['sub_items'] ) );- }-- $params = array(- 'check_in_date' => $check_in_date,- 'check_out_date' => $check_out_date,- 'quantity' => $qty,- 'order_item_id' => $order_item_id,- );- $product_class = hotel_booking_get_product_class( $product_id, $params );-- // update subtotal, total- $subtotal = $product_class->amount_exclude_tax();- $total = $product_class->amount_include_tax();- hb_update_order_item_meta( $order_item_id, 'subtotal', $subtotal );- hb_update_order_item_meta( $order_item_id, 'total', $total );- hb_update_order_item_meta( $order_item_id, 'tax_total', $total - $subtotal );-- // allow hook- do_action( 'hotel_booking_updated_order_item', $order_id, $order_item_id );-- $post = get_post( $order_id );-- // update booking info meta post- WPHB_Booking::instance( $order_id )->update_room_booking( $order_id );-- ob_start();- require_once WPHB_PLUGIN_PATH . '/includes/admin/metaboxes/views/meta-booking-items.php';- require_once WPHB_PLUGIN_PATH . '/includes/admin/metaboxes/views/meta-booking-items-template-js.php';- $html = ob_get_clean();- wp_send_json(- array(- 'status' => true,- 'html' => $html,- )- );- }-- // remove order item- static function admin_remove_order_item() {- // verify nonce- if ( ! 
check_ajax_referer( 'hotel-booking-confirm', 'hotel_booking_confirm' ) ) {- return;- }-- $order_item_id = isset( $_POST['order_item_id'] ) ? absint( $_POST['order_item_id'] ) : 0;- $order_id = isset( $_POST['order_id'] ) ? absint( $_POST['order_id'] ) : 0;- if ( $order_item_id ) {- hb_remove_order_item( $order_item_id );-- $post = get_post( $order_id );- ob_start();- require_once WPHB_PLUGIN_PATH . '/includes/admin/metaboxes/views/meta-booking-items.php';- require_once WPHB_PLUGIN_PATH . '/includes/admin/metaboxes/views/meta-booking-items-template-js.php';- $html = ob_get_clean();- wp_send_json(- array(- 'status' => true,- 'html' => $html,- )- );- }- }-- // remove list order items- static function admin_remove_order_items() {- // verify nonce- if ( ! check_ajax_referer( 'hotel-booking-confirm', 'hotel_booking_confirm' ) ) {- return;- }-- $order_id = isset( $_POST['order_id'] ) ? absint( $_POST['order_id'] ) : 0;-- if ( isset( $_POST['order_item_id'] ) && is_array( $_POST['order_item_id'] ) ) {- foreach ( $_POST['order_item_id'] as $key => $o_i_d ) {- $o_i_d = absint( $o_i_d );- hb_remove_order_item( $o_i_d );- }- }-- $post = get_post( $order_id );- ob_start();- require_once WPHB_PLUGIN_PATH . '/includes/admin/metaboxes/views/meta-booking-items.php';- require_once WPHB_PLUGIN_PATH . '/includes/admin/metaboxes/views/meta-booking-items-template-js.php';- $html = ob_get_clean();- wp_send_json(- array(- 'status' => true,- 'html' => $html,- )- );- }-- // add new coupon- static function add_coupon_to_order() {- if ( ! check_ajax_referer( 'hotel_admin_get_coupon_available', 'hotel-admin-get-coupon-available' ) || ! class_exists( 'HB_Coupon' ) ) {- return;- }-- if ( ! isset( $_POST['order_id'] ) || ! 
isset( $_POST['coupon_id'] ) ) {- return;- }-- $order_id = absint( $_POST['order_id'] );- $coupon_id = absint( $_POST['coupon_id'] );-- $coupon = HB_Coupon::instance( $coupon_id );- $subtotal = hb_booking_subtotal( $order_id, false ); // subtotal without coupon-- add_post_meta( $order_id, '_hb_coupon_id', $coupon_id );- add_post_meta( $order_id, '_hb_coupon_code', $coupon->coupon_code );- add_post_meta( $order_id, '_hb_coupon_value', $coupon->get_discount_value( $subtotal ) );-- $post = get_post( $order_id );- ob_start();- require_once WPHB_PLUGIN_PATH . '/includes/admin/metaboxes/views/meta-booking-items.php';- require_once WPHB_PLUGIN_PATH . '/includes/admin/metaboxes/views/meta-booking-items-template-js.php';- $html = ob_get_clean();- wp_send_json(- array(- 'status' => true,- 'html' => $html,- )- );- }-- // remove coupon order- static function remove_coupon_on_order() {- if ( ! check_ajax_referer( 'hotel-booking-confirm', 'hotel_booking_confirm' ) ) {- return;- }-- if ( ! isset( $_POST['order_id'] ) || ! isset( $_POST['coupon_id'] ) ) {- return;- }-- $order_id = absint( $_POST['order_id'] );-- delete_post_meta( $order_id, '_hb_coupon_id' );- delete_post_meta( $order_id, '_hb_coupon_code' );- delete_post_meta( $order_id, '_hb_coupon_value' );-- $post = get_post( $order_id );- ob_start();- require_once WPHB_PLUGIN_PATH . '/includes/admin/metaboxes/views/meta-booking-items.php';- require_once WPHB_PLUGIN_PATH . '/includes/admin/metaboxes/views/meta-booking-items-template-js.php';- $html = ob_get_clean();- wp_send_json(- array(- 'status' => true,- 'html' => $html,- )- );- }-- static function load_other_full_calendar() {- check_ajax_referer( 'hb_booking_nonce_action', 'nonce' );-- if ( ! isset( $_POST['room_id'] ) ) {- wp_send_json(- array(- 'status' => fasle,- 'message' => __( 'Room is not exists.', 'wp-hotel-booking' ),- )- );- }-- $room_id = absint( $_POST['room_id'] );- if ( ! 
isset( $_POST['date'] ) ) {- wp_send_json(- array(- 'status' => fasle,- 'message' => __( 'Date is not exists.', 'wp-hotel-booking' ),- )- );- }- $date = sanitize_text_field( wp_unslash( $_POST['date'] ) );-- wp_send_json(- array(- 'status' => true,- 'events' => hotel_booking_print_pricing_json( $room_id, date( 'm/d/Y', strtotime( $date ) ) ),- 'next' => date( 'm/d/Y', strtotime( '+1 month', strtotime( $date ) ) ),- 'prev' => date( 'm/d/Y', strtotime( '-1 month', strtotime( $date ) ) ),- 'month_name' => date_i18n( 'F, Y', strtotime( $date ) ),- )- );- }-}--new WPHB_Ajax();+<?php +/** + * WP Hotel Booking ajax. + * + * @version 1.9.6 + * @author ThimPress + * @package WP_Hotel_Booking/Classes + * @category Classes + * @author Thimpress, leehld + */ + +/** + * Prevent loading this file directly + */ +defined( 'ABSPATH' ) || exit; + +/** + * Class WPHB_Ajax + */ +class WPHB_Ajax { + + /** + * @var bool + */ + protected static $_loaded = false; + + /** + * Constructor + */ + function __construct() { + if ( self::$_loaded ) { + return; + } + + $ajax_actions = array( + //'fetch_customer_info' => true, + 'place_order' => true, + 'load_room_type_galley' => false, + 'parse_search_params' => true, + 'parse_booking_params' => true, + 'apply_coupon' => true, + 'remove_coupon' => true, + 'ajax_add_to_cart' => true, + 'add_extra_to_cart' => true, + 'ajax_remove_item_cart' => true, + 'load_order_user' => false, + 'load_room_ajax' => false, + 'check_room_available' => false, + 'load_order_item' => false, + 'load_coupon_ajax' => false, + 'admin_add_order_item' => false, + 'admin_remove_order_item' => false, + 'admin_remove_order_items' => false, + 'add_coupon_to_order' => false, + 'remove_coupon_on_order' => false, + 'load_other_full_calendar' => false, + 'dismiss_notice' => true, + 'create_pages' => false, + ); + + foreach ( $ajax_actions as $action => $priv ) { + add_action( "wp_ajax_hotel_booking_{$action}", array( __CLASS__, $action ) ); + if ( $priv ) { + add_action( 
"wp_ajax_nopriv_hotel_booking_{$action}", array( __CLASS__, $action ) ); + } + } + self::$_loaded = true; + } + + /** + * It creates a page + */ + static function create_pages() { + $response = array( + 'code' => 0, + 'message' => '', + ); +
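Review bot: The handlers that stay registered with `false` in the new `$ajax_actions` table still fire for every logged-in role, and on the old side most of them gate on a nonce alone: `check_room_available`, `load_order_item`, `load_coupon_ajax`, `load_room_ajax`, `admin_remove_order_item`, `admin_remove_order_items`, `add_coupon_to_order`, `remove_coupon_on_order` and `load_other_full_calendar` have no `current_user_can()` check, while `admin_add_order_item` does. Reuse its `current_user_can( 'administrator' ) || current_user_can( 'wphb_hotel_manager' ) || current_user_can( 'wphb_booking_editor' )` guard in each of those handlers, and prefer deleting the unused `fetch_customer_info` method over leaving `//'fetch_customer_info' => true,` as a commented registration that is one uncomment away from reintroducing the exposure. Two defects on the old side should not survive into the new file either: `throw new $cart_item_id->get_error_message();` in `ajax_add_to_cart` tries to instantiate a class named after the message string and should read `throw new Exception( $cart_item_id->get_error_message() );`, and `'status' => fasle` in `load_other_full_calendar` references an undefined constant. Finally, `admin_add_order_item` persists `serialize( $_POST['sub_items'] )` without sanitizing the array; pass it through `map_deep( wp_unslash( $_POST['sub_items'] ), 'sanitize_text_field' )` first.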
I will analyze this code diff for security vulnerabilities.

---

**Vulnerability Existed: yes** TRUE POSITIVE

**Unsafe Deserialization - CWE-502 - includes/class-wphb-ajax.php - Line 349**

**Old Code:**
```php
'sig' => base64_encode( serialize( $params ) ),
```

**Fixed Code:**
```php
The line is removed in the new version (function parse_booking_params no longer uses serialize)
```

**Explanation:**
The original code used PHP's `serialize()` function to encode user-controlled data (`$params`), then base64-encoded it. This is vulnerable to PHP Object Injection (CWE-502) if the serialized data is later unserialized with `unserialize()`. An attacker could craft malicious serialized objects that execute arbitrary code when unserialized. The fix removes the use of `serialize()` entirely, eliminating this attack vector.

---

**Vulnerability Existed: yes** TRUE POSITIVE

**Disabled AJAX Action - Security Hardening - includes/class-wphb-ajax.php - Line 35**

**Old Code:**
```php
'fetch_customer_info' => true,
```

**Fixed Code:**
```php
//'fetch_customer_info' => true,
```

**Explanation:**
The `fetch_customer_info` AJAX action is disabled (commented out). This action was publicly accessible (`=> true` means `wp_ajax_nopriv` hook was registered, allowing unauthenticated access). The function at line 220-243 retrieves customer booking information by email without proper authorization checks beyond nonce verification. By disabling this action, the application prevents potential unauthorized information disclosure where attackers could enumerate customer data using email addresses. This is a defensive security hardening measure.

---

**Additional Security Note:**
The diff shows a line-ending normalization change (LF to CRLF or vice versa) across the entire file, but the substantive security changes are:

1. Removal of `serialize()` usage (unsafe deserialization fix)
2. Disabling the publicly-accessible `fetch_customer_info` endpoint (information disclosure prevention)
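The analysis above describes an AJAX action that was reachable without login and guarded only by a nonce. The following is an added example, not code from the WP Hotel Booking plugin or from the analysis, showing how such a customer-lookup handler can be built so that the nonce is CSRF protection only and authentication, authorization and an output allow-list sit on top. It assumes a WordPress runtime; the `hb_customer` post type and the `_hb_*` meta keys are hypothetical storage details, while the `wphb_hotel_manager` capability and the `hb_booking_nonce_action` nonce name are taken from the diff.

```php
<?php
/**
 * Added example, not WP Hotel Booking code: a customer-lookup AJAX handler that
 * treats the nonce as CSRF protection only and adds authentication,
 * authorization and data minimisation on top of it.
 *
 * Assumptions (hypothetical, not from the plugin): customers live in an
 * 'hb_customer' post type with the address in '_hb_email' meta, and the
 * remaining '_hb_*' meta keys hold the profile fields.
 */

defined( 'ABSPATH' ) || exit;

// Registered for logged-in users only. There is deliberately no
// wp_ajax_nopriv_ hook, so anonymous requests get WordPress's default rejection.
add_action( 'wp_ajax_example_fetch_customer_info', 'example_fetch_customer_info' );

function example_fetch_customer_info() {
	// 1. CSRF: the nonce proves the request originated from a page we rendered.
	//    It says nothing about who the caller is, so it is never the only check.
	check_ajax_referer( 'hb_booking_nonce_action', 'nonce' );

	// 2. Authentication, stated explicitly so the handler stays safe even if
	//    someone later registers it on a nopriv hook.
	if ( ! is_user_logged_in() ) {
		wp_send_json_error( array( 'message' => 'Login required.' ), 401 );
	}

	$email = isset( $_POST['email'] ) ? sanitize_email( wp_unslash( $_POST['email'] ) ) : '';
	if ( ! is_email( $email ) ) {
		wp_send_json_error( array( 'message' => 'Invalid email address.' ), 400 );
	}

	// 3. Authorization: the caller must own the address, or be hotel staff.
	$current  = wp_get_current_user();
	$is_owner = ( 0 === strcasecmp( $current->user_email, $email ) );
	$is_staff = current_user_can( 'manage_options' ) || current_user_can( 'wphb_hotel_manager' );

	// Unauthorized lookups get the same "nothing found" reply as a real miss,
	// so the endpoint cannot be used to confirm which addresses have bookings.
	$customer = ( $is_owner || $is_staff ) ? example_find_customer_by_email( $email ) : null;
	if ( ! $customer ) {
		wp_send_json_success( null );
	}

	// 4. Data minimisation: an explicit allow-list instead of dumping every meta row.
	$fields = array( '_hb_first_name', '_hb_last_name', '_hb_address', '_hb_phone', '_hb_email' );
	$data   = array();
	foreach ( $fields as $key ) {
		$data[ $key ] = get_post_meta( $customer->ID, $key, true );
	}
	wp_send_json_success( $data );
}

/**
 * Look up the customer record for an email address (assumed storage layout).
 *
 * @param string $email Already validated with is_email().
 * @return WP_Post|null
 */
function example_find_customer_by_email( $email ) {
	$posts = get_posts(
		array(
			'post_type'      => 'hb_customer',
			'post_status'    => 'any',
			'posts_per_page' => 1,
			'meta_key'       => '_hb_email',
			'meta_value'     => $email,
		)
	);
	return $posts ? $posts[0] : null;
}
```

The ownership check is what the original endpoint lacked: a nonce embedded in a public checkout page is available to anyone who loads that page, so it can only ever prove the request came from the site's own form, not that the requester is entitled to the record for the email they typed in.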
--- cache/wp-hotel-booking_2.2.7/includes/class-wphb-sessions.php 2026-01-19 00:17:19.593925016 +0000+++ cache/wp-hotel-booking_2.2.8/includes/class-wphb-sessions.php 2026-01-19 00:19:41.574729615 +0000@@ -1,175 +1,198 @@-<?php-/**- * WP Hotel Booking sessions.- *- * @version 1.9.6- * @author ThimPress- * @package WP_Hotel_Booking/Classes- * @category Classes- * @author Thimpress, leehld- */--/**- * Prevent loading this file directly- */-defined( 'ABSPATH' ) || exit;--if ( ! session_id() ) {- @session_start( array( 'read_and_close' => true ) );-}--if ( ! class_exists( 'WPHB_Sessions' ) ) {- /**- * Class WPHB_Sessions- */- final class WPHB_Sessions {- /**- * @var null- */- static $_instance = null;-- /**- * @var array|mixed|null- */- public $session = null;-- /**- * @var float|int|null- */- private $live_item = null;-- /**- * @var bool- */- private $remember = false;-- /**- * @var null|string- */- public $prefix = null;-- /**- * WPHB_Sessions constructor.- *- * @param string $prefix- * @param bool $remember- */- public function __construct( $prefix = '', $remember = true ) {- if ( ! $prefix ) {- return;- }-- $this->prefix = $prefix;- $this->remember = $remember;-- $this->live_item = 12 * HOUR_IN_SECONDS;-- // get all- $this->session = $this->load();- }-- /**- * @return array|mixed- */- public function load() {- if ( isset( $_SESSION[ $this->prefix ] ) ) {- return $_SESSION[ $this->prefix ];- } elseif ( $this->remember && isset( $_COOKIE[ $this->prefix ] ) ) {- return $_SESSION[ $this->prefix ] = json_decode( WPHB_Helpers::sanitize_params_submitted( $_COOKIE[ $this->prefix ] ), true );- } else {- $transient_prefix = $this->prefix . '_' . session_id();- $transient = get_transient( $transient_prefix );- if ( ! 
empty( $transient ) && is_array( $transient ) ) {- return $transient;- }- }-- return array();- }-- /**- * @return null- */- public function remove() {- if ( isset( $_SESSION[ $this->prefix ] ) ) {- unset( $_SESSION[ $this->prefix ] );- }-- if ( $this->remember && isset( $_COOKIE[ $this->prefix ] ) ) {- unset( $_COOKIE[ $this->prefix ] );- setcookie( $this->prefix, '', time() - $this->live_item, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true );- }-- $transient_prefix = $this->prefix . '_' . session_id();- if ( get_transient( $transient_prefix ) ) {- delete_transient( $transient_prefix );- }-- return $this->session = null;- }-- /**- * @param null $name- * @param null $value- */- public function set( $name = null, $value = null ) {- if ( ! $name ) {- return;- }- if ( ! $value ) {- if ( is_array( $this->session ) ) {- unset( $this->session[ $name ] );- } else {- unset( $this->session->{$name} );- }- } elseif ( is_array( $this->session ) ) {- $this->session[ $name ] = $value;- } else {- $this->session->{$name} = $value;- }- $time = empty( $this->session ) ? time() - $this->live_item : time() + $this->live_item;-- // save session- $_SESSION[ $this->prefix ] = WPHB_Helpers::sanitize_params_submitted( $this->session );-- // save cookie- if ( $this->remember ) {- // set transient for special case when cookie and session was removed after adding- $transient_prefix = $this->prefix . '_' . session_id();- set_transient( $transient_prefix, $this->session, $this->live_item );- @setcookie( $this->prefix, wp_json_encode( $this->session ), $time, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true );- }- }-- /**- * @param null $name- * @param null $default- *- * @return mixed|null- */- public function get( $name = null, $default = null ) {- if ( ! $name ) {- return $default;- }-- if ( isset( $this->session[ $name ] ) ) {- return $this->session[ $name ];- }-- return $default;- }-- /**- * @param string $prefix- *- * @return WPHB_Sessions- */- public static function instance( $prefix = '' ) {- if ( ! 
empty( self::$_instance[ $prefix ] ) ) {- return self::$_instance[ $prefix ];- }-- return self::$_instance[ $prefix ] = new self( $prefix );- }- }-}+<?php +/** + * WP Hotel Booking sessions. + * + * @version 1.9.6 + * @author ThimPress + * @package WP_Hotel_Booking/Classes + * @category Classes + * @author Thimpress, leehld + */ + +/** + * Prevent loading this file directly + */ +defined( 'ABSPATH' ) || exit; + +if ( ! session_id() ) { + // Skip session for REST API requests - major performance improvement + $skip_session = defined( 'REST_REQUEST' ) && REST_REQUEST; + + // Skip for CLI/WP-CLI requests + $skip_session = $skip_session || php_sapi_name() === 'cli' || defined( 'WP_CLI' ); + + // Skip for cron requests + $skip_session = $skip_session || ( defined( 'DOING_CRON' ) && DOING_CRON ); + + if ( ! $skip_session ) { + @session_start( array( 'read_and_close' => true ) ); + } +} + +if ( ! class_exists( 'WPHB_Sessions' ) ) { + /** + * Class WPHB_Sessions + */ + class WPHB_Sessions { + /** + * @var null + */ + static $_instance = null; + + /** + * @var array|mixed|null + */ + public $session = null; + + /** + * @var float|int|null + */ + private $live_item = null; + + /** + * @var bool + */ + private $remember = false; + + /** + * @var null|string + */ + public $prefix = null; + + /** + * WPHB_Sessions constructor. + * + * @param string $prefix + * @param bool $remember + */ + public function __construct( $prefix = '', $remember = true ) { + if ( ! 
$prefix ) { + return; + } + + $this->prefix = $prefix; + $this->remember = $remember; + + $this->live_item = 12 * HOUR_IN_SECONDS; + + // get all + $this->session = $this->load(); + } + + /** + * @return array|mixed + */ + public function load() { + if ( isset( $_SESSION[ $this->prefix ] ) ) { + return $_SESSION[ $this->prefix ]; + } elseif ( $this->remember && isset( $_COOKIE[ $this->prefix ] ) ) { + return $_SESSION[ $this->prefix ] = json_decode( WPHB_Helpers::sanitize_params_submitted( $_COOKIE[ $this->prefix ] ), true ); + } else { + // Only try transient if the session ID exists (sessions may be skipped for REST/CLI) + $session_id = session_id(); + if ( ! empty( $session_id ) ) { + $transient_prefix = $this->prefix . '_' . $session_id; + $transient = get_transient( $transient_prefix ); + if ( ! empty( $transient ) && is_array( $transient ) ) { + return $transient; + } + } + } + + return array(); + } + + /** + * @return null + */ + public function remove() { + if ( isset( $_SESSION[ $this->prefix ] ) ) { + unset( $_SESSION[ $this->prefix ] ); + } + + if ( $this->remember && isset( $_COOKIE[ $this->prefix ] ) ) { + unset( $_COOKIE[ $this->prefix ] ); + setcookie( $this->prefix, '', time() - $this->live_item, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true ); + } + + // Only delete transient if session ID exists + $session_id = session_id(); + if ( ! empty( $session_id ) ) { + $transient_prefix = $this->prefix . '_' . $session_id; + if ( get_transient( $transient_prefix ) ) { + delete_transient( $transient_prefix ); + } + } + + return $this->session = null; + } + + /** + * @param null $name + * @param null $value + */ + public function set( $name = null, $value = null ) { + if ( ! $name ) { + return; + } + if ( ! 
$value ) { + if ( is_array( $this->session ) ) { + unset( $this->session[ $name ] ); + } else { + unset( $this->session->{$name} ); + } + } elseif ( is_array( $this->session ) ) { + $this->session[ $name ] = $value; + } else { + $this->session->{$name} = $value; + } + $time = empty( $this->session ) ? time() - $this->live_item : time() + $this->live_item; + + // save session + $_SESSION[ $this->prefix ] = WPHB_Helpers::sanitize_params_submitted( $this->session ); + + // save cookie + if ( $this->remember ) { + // set transient for special case when cookie and session was removed after adding + // Only set transient if session ID exists (sessions may be skipped for REST/CLI) + $session_id = session_id(); + if ( ! empty( $session_id ) ) { + $transient_prefix = $this->prefix . '_' . $session_id; + set_transient( $transient_prefix, $this->session, $this->live_item ); + } + @setcookie( $this->prefix, wp_json_encode( $this->session ), $time, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true ); + } + } + + /** + * @param null $name + * @param null $default + * + * @return mixed|null + */ + public function get( $name = null, $default = null ) { + if ( ! $name ) { + return $default; + } + + if ( isset( $this->session[ $name ] ) ) { + return $this->session[ $name ]; + } + + return $default; + } + + /** + * @param string $prefix + * + * @return WPHB_Sessions + */ + public static function instance( $prefix = '' ) { + if ( ! empty( self::$_instance[ $prefix ] ) ) { + return self::$_instance[ $prefix ]; + } + + return self::$_instance[ $prefix ] = new self( $prefix ); + } + } +}
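Review bot: `load()` still copies a client-controlled cookie straight into server-side state: `json_decode( WPHB_Helpers::sanitize_params_submitted( $_COOKIE[ $this->prefix ] ), true )` is assigned to `$_SESSION[ $this->prefix ]` with no integrity check, so any key the cart later reads through `get()` can be supplied by the visitor in the cookie. Either sign the cookie payload (an HMAC over the JSON with a site-specific secret, verified before `json_decode`) or keep only an opaque identifier in the cookie and the data in the transient. Second, in the contexts the new `$skip_session` block covers, `set()` still assigns `$_SESSION[ $this->prefix ]` without a started session, so that write is silently lost and the value survives only through the cookie; guard it with `session_status() === PHP_SESSION_ACTIVE` or document the behaviour. The empty `session_id()` checks added to `load()`, `remove()` and `set()` are correct and should stay: without them every sessionless request would share the single `prefix_` transient key.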
# Security Analysis: Code Diff for class-wphb-sessions.php
## Vulnerability 1: Potential Session Fixation via Empty Session ID
**Vulnerability Existed:** yes
**CWE-384 - Session Fixation - includes/class-wphb-sessions.php - Lines 88-98, 112-121, 156-163**
**Old Code:**
```php
} else {
$transient_prefix = $this->prefix . '_' . session_id();
$transient = get_transient( $transient_prefix );
if ( ! empty( $transient ) && is_array( $transient ) ) {
return $transient;
}
}
```
**Fixed Code:**
```php
} else {
// Only try transient if the session ID exists (sessions may be skipped for REST/CLI)
$session_id = session_id();
if ( ! empty( $session_id ) ) {
$transient_prefix = $this->prefix . '_' . $session_id;
$transient = get_transient( $transient_prefix );
if ( ! empty( $transient ) && is_array( $transient ) ) {
return $transient;
}
}
}
```
**Explanation:**
The old code concatenates `session_id()` directly without checking if it returns an empty string. When sessions are skipped (REST API, CLI, cron requests as per the new logic at lines 18-27), `session_id()` returns an empty string, creating a transient key like `prefix_`. This could lead to all requests without sessions sharing the same transient, causing data leakage or session confusion. The fix validates that `session_id()` is not empty before using it, preventing accidental data sharing across different contexts.
---
## Vulnerability 2: Unsafe Class Declaration Change (Not a Security Fix, but a Behavioral Change)
**Vulnerability Existed:** no
**Removed "final" Modifier - includes/class-wphb-sessions.php - Line 33**
**Old Code:**
```php
final class WPHB_Sessions {
```
**Fixed Code:**
```php
class WPHB_Sessions {
```
**Explanation:**
This is not a security vulnerability fix but a behavioral modification. Removing the `final` keyword allows the class to be extended, which changes the API surface. While not inherently a security issue, this could introduce security risks if subclasses override security-critical methods without proper validation. This appears to be an architectural decision rather than a security fix.
---
## Summary
The diff contains **one legitimate security fix** addressing a potential session fixation/data leakage vulnerability by validating session IDs before using them in transient key generation. The changes also include performance improvements for REST API, CLI, and cron requests by conditionally skipping session initialization.
--- cache/wp-hotel-booking_2.2.7/templates/checkout/customer-existing.php 2026-01-19 00:17:19.609926008 +0000+++ cache/wp-hotel-booking_2.2.8/templates/checkout/customer-existing.php 2026-01-19 00:19:41.654734575 +0000@@ -1,44 +1,45 @@-<?php-/**- * The template for displaying existing customer form in checkout page.- *- * This template can be overridden by copying it to yourtheme/wp-hotel-booking/checkout/customer-existing.php.- *- * @author ThimPress, leehld- * @package WP-Hotel-Booking/Templates- * @version 1.6- */--/**- * Prevent loading this file directly- */-defined( 'ABSPATH' ) || exit;--/**- * @var $cart WPHB_Cart- */-$cart = WP_Hotel_Booking::instance()->cart;-?>--<?php if ( ! is_user_logged_in() ) { ?>-- <div class="hb-order-existing-customer" data-label="<?php esc_attr_e( '-Or-', 'wp-hotel-booking' ); ?>">- <div class="hb-col-padding hb-col-border">- <h4><?php _e( 'Existing customer?', 'wp-hotel-booking' ); ?></h4>- <ul class="hb-form-table">- <li class="hb-form-field">- <label class="hb-form-field-label"><?php _e( 'Email', 'wp-hotel-booking' ); ?></label>- <div class="hb-form-field-input">- <input type="email" name="existing-customer-email"- value="<?php echo esc_attr( $cart->customer_email ); ?>"- placeholder="<?php _e( 'Your email here', 'wp-hotel-booking' ); ?>"/>- </div>- </li>- <li>- <button type="button" id="fetch-customer-info"><?php _e( 'Apply', 'wp-hotel-booking' ); ?></button>- </li>- </ul>- </div>- </div>--<?php } ?>+<?php +/** + * The template for displaying existing customer form in checkout page. + * + * This template can be overridden by copying it to yourtheme/wp-hotel-booking/checkout/customer-existing.php. + * + * @author ThimPress, leehld + * @package WP-Hotel-Booking/Templates + * @version 1.6 + */ + +/** + * Prevent loading this file directly + */ +defined( 'ABSPATH' ) || exit; + +/** + * @var $cart WPHB_Cart + */ +$cart = WP_Hotel_Booking::instance()->cart; +?> + +<?php if ( ! 
is_user_logged_in() ) { ?> + + <div class="hb-order-existing-customer" data-label="<?php esc_attr_e( '-Or-', 'wp-hotel-booking' ); ?>"> + <div class="hb-col-padding hb-col-border"> + <h4><?php _e( 'Existing customer?', 'wp-hotel-booking' ); ?></h4> + <ul class="hb-form-table"> + <li class="hb-form-field"> + <label class="hb-form-field-label"><?php _e( 'Email', 'wp-hotel-booking' ); ?></label> + <div class="hb-form-field-input"> + <input type="email" name="existing-customer-email" + value="<?php echo esc_attr( $cart->customer_email ); ?>" + placeholder="<?php _e( 'Your email here', 'wp-hotel-booking' ); ?>"/> + <?php wp_nonce_field( 'wphb_get_customer_info', 'existing-customer-nonce' ); ?> + </div> + </li> + <li> + <button type="button" id="fetch-customer-info"><?php _e( 'Apply', 'wp-hotel-booking' ); ?></button> + </li> + </ul> + </div> + </div> + +<?php } ?>
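Review bot: the added `wp_nonce_field( 'wphb_get_customer_info', 'existing-customer-nonce' )` sits inside the `if ( ! is_user_logged_in() )` block, so the nonce is rendered to every anonymous visitor of the checkout page. That is fine for its purpose, which is cross-site request forgery protection, but it is not an access control: the server-side handler that verifies this nonce (not part of this hunk) still needs its own authorization decision about which customer data, if any, may be returned to an unauthenticated caller. Separately, nearly every line of the hunk is a CRLF-to-LF change; landing the line-ending normalisation as its own commit would make the single functional line visible at a glance.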
**Vulnerability Existed:** yes (TRUE POSITIVE)
**Cross-Site Request Forgery (CSRF) - CWE-352 - templates/checkout/customer-existing.php - Line 36**
**Old Code:**
```php
<input type="email" name="existing-customer-email"
       value="<?php echo esc_attr( $cart->customer_email ); ?>"
       placeholder="<?php _e( 'Your email here', 'wp-hotel-booking' ); ?>"/>
```
**Fixed Code:**
```php
<input type="email" name="existing-customer-email"
       value="<?php echo esc_attr( $cart->customer_email ); ?>"
       placeholder="<?php _e( 'Your email here', 'wp-hotel-booking' ); ?>"/>
<?php wp_nonce_field( 'wphb_get_customer_info', 'existing-customer-nonce' ); ?>
```
**Explanation:**
The original code lacked CSRF protection for the customer information form. The form submitted user data (email address) without a nonce token to verify the request originated from the legitimate user. The fix adds `wp_nonce_field()`, which generates a WordPress nonce token that must be verified server-side before processing the request. This prevents attackers from crafting malicious requests that trick users into submitting data without their knowledge. The nonce should be verified on the backend using `wp_verify_nonce()` when handling the AJAX request to fetch customer information.
--- cache/wp-hotel-booking_2.2.7/templates/checkout/customer.php 2026-01-19 00:17:19.609926008 +0000+++ cache/wp-hotel-booking_2.2.8/templates/checkout/customer.php 2026-01-19 00:19:41.654734575 +0000@@ -1,28 +1,28 @@-<?php-/**- * The template for displaying customer in checkout page.- *- * This template can be overridden by copying it to yourtheme/wp-hotel-booking/checkout/customer.php.- *- * @author ThimPress, leehld- * @package WP-Hotel-Booking/Templates- * @version 1.6- */--/**- * Prevent loading this file directly- */-defined( 'ABSPATH' ) || exit;--/**- * @var $customer- */-?>--<h3><?php _e( 'Customer Details', 'wp-hotel-booking' ); ?></h3>--<div class="hb-customer clearfix">- <?php hb_get_template( 'checkout/customer-existing.php', array( 'customer' => $customer ) ); ?>- <?php hb_get_template( 'checkout/customer-new.php', array( 'customer' => $customer ) ); ?>-</div>-<div class="hb-col-margin"></div>+<?php +/** + * The template for displaying customer in checkout page. + * + * This template can be overridden by copying it to yourtheme/wp-hotel-booking/checkout/customer.php. + * + * @author ThimPress, leehld + * @package WP-Hotel-Booking/Templates + * @version 1.6 + */ + +/** + * Prevent loading this file directly + */ +defined( 'ABSPATH' ) || exit; + +/** + * @var $customer + */ +?> + +<h3><?php _e( 'Customer Details', 'wp-hotel-booking' ); ?></h3> + +<div class="hb-customer clearfix"> + <?php //hb_get_template( 'checkout/customer-existing.php', array( 'customer' => $customer ) ); ?> + <?php hb_get_template( 'checkout/customer-new.php', array( 'customer' => $customer ) ); ?> +</div> +<div class="hb-col-margin"></div>
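Review bot: commenting out `hb_get_template( 'checkout/customer-existing.php', array( 'customer' => $customer ) )` leaves dead code in the template. If the existing-customer form is meant to stay disabled, delete the line (and retire the now-unreferenced template) instead of keeping it as a comment; if it is meant to return later, gate it on a setting so the intent is explicit. Note also that this hunk only stops rendering the form; the AJAX action behind its "Apply" button is untouched here, so the UI removal should not be counted as the fix on its own. As in the previous file, the hunk is dominated by line-ending changes that hide the one real edit.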
Analyzing the provided code diff for security vulnerabilities:
---
**Vulnerability Existed: no**
**No Security Vulnerability - Code Comment Change - N/A - templates/checkout/customer.php [26]**
**Old Code:**
```php
<?php hb_get_template( 'checkout/customer-existing.php', array( 'customer' => $customer ) ); ?>
```
**Fixed Code:**
```php
<?php //hb_get_template( 'checkout/customer-existing.php', array( 'customer' => $customer ) ); ?>
```
**Explanation:**
This diff shows only a line-ending normalization (CRLF to LF) and a single functional change: commenting out a template function call on line 26. This is not a security fix; it is a feature modification that disables the "customer-existing.php" template rendering. The change does not address, introduce, or remediate any security vulnerabilities. The code remains functionally safe from a security perspective; this is merely disabling a feature component.
--- cache/wp-hotel-booking_2.2.7/vendor/composer/installed.php 2026-01-19 00:17:19.617926505 +0000+++ cache/wp-hotel-booking_2.2.8/vendor/composer/installed.php 2026-01-19 00:19:41.678736063 +0000@@ -5,7 +5,7 @@ 'type' => 'library', 'install_path' => __DIR__ . '/../../', 'aliases' => array(),- 'reference' => 'c92d607219faa472aeb893d6f2755115b0fc0af5',+ 'reference' => 'e0c2e0f319e5f01d4913586f1f4ea5db34d47632', 'name' => 'wp-hotel-booking/wp-hotel-booking', 'dev' => false, ),@@ -16,7 +16,7 @@ 'type' => 'library', 'install_path' => __DIR__ . '/../../', 'aliases' => array(),- 'reference' => 'c92d607219faa472aeb893d6f2755115b0fc0af5',+ 'reference' => 'e0c2e0f319e5f01d4913586f1f4ea5db34d47632', 'dev_requirement' => false, ), ),
I'll analyze this code diff for security vulnerabilities.
**Analysis Result:**
Vulnerability Existed: no
**Explanation:**
This diff shows changes to `vendor/composer/installed.php`, which is a Composer metadata file that tracks package versions and references. The changes are:
- Line 8: Git reference hash updated from `c92d607219faa472aeb893d6f2755115b0fc0af5` to `e0c2e0f319e5f01d4913586f1f4ea5db34d47632`
- Line 19: Same git reference hash updated in a duplicate entry
**Security Assessment:**
This is a routine package version update metadata change. The file contains only:
- Package name and type information
- Installation paths using PHP constants (`__DIR__`)
- Git commit references
- Dependency flags
**No vulnerabilities are present because:**
1. No executable code is modified or introduced
2. No new code patterns that could introduce injection vulnerabilities
3. The changes are purely metadata updates (version references)
4. Git hash updates are benign version tracking changes
5. No sensitive data, credentials, or unsafe operations are involved
6. The file structure and format remain unchanged
This appears to be a standard dependency/package version bump update with no security implications.
--- cache/wp-hotel-booking_2.2.7/wp-hotel-booking.php 2026-01-19 00:17:19.617926505 +0000+++ cache/wp-hotel-booking_2.2.8/wp-hotel-booking.php 2026-01-19 00:19:41.678736063 +0000@@ -1,734 +1,734 @@-<?php-/**- * Plugin Name: WP Hotel Booking- * Plugin URI: http://thimpress.com/- * Description: Full of professional features for a booking room system- * Author: ThimPress- * Version: 2.2.7- * Author URI: http://thimpress.com- * Text Domain: wp-hotel-booking- * Domain Path: /languages/- * Requires PHP: 7.4- * Requires at least: 6.0- * @package wp-hotel-booking- */--use WPHB\TemplateHooks\CheckRoomsTemplate;-use WPHB\TemplateHooks\ArchiveRoomTemplate;-use WPHB\TemplateHooks\SingleRoomExternalLinkTemplate;-use WPHB\TemplateHooks\Admin\AdminExternalLinkIconSetting;--defined( 'ABSPATH' ) || exit;--const WPHB_FILE = __FILE__;-const WPHB_PLUGIN_PATH = __DIR__;-$default_headers = array(- 'Version' => 'Version',- 'TextDomain' => 'Text Domain',-);-$plugin_info = get_file_data( __FILE__, $default_headers, 'plugin' );-define( 'WPHB_VERSION', $plugin_info['Version'] );-define( 'WPHB_PLUGIN_URL', plugins_url( '', WPHB_FILE ) );-define( 'WPHB_BLOG_ID', get_current_blog_id() );-define( 'WPHB_TEMPLATES', WPHB_PLUGIN_PATH . '/templates/' );-const TP_HB_EXTRA = __FILE__;-const WPHB_DEBUG = 1;-const WPHB_API_V2 = 1;-const WPHB_SHOW_FORM = 0;-const WPHB_ROOM_CT = 'hb_room';--/**- * Class WP_Hotel_Booking- */-class WP_Hotel_Booking {-- /**- * Hold the instance of main class- *- * @var object- */- protected static $_instance = null;-- /**- * Plugin path- *- * @var string- */- protected $_plugin_path = null;-- /**- * Plugin URL- *- * @var string- */- protected $_plugin_url = null;-- /**- * @var WPHB_Cart- */- public $cart = null;-- /**- * @var null- */- public $user = null;-- /**- * Construction- */- private function __construct() {- $this->includes();-- global $wpdb;- $wpdb->hotel_booking_order_items = $wpdb->prefix . 
'hotel_booking_order_items';-- //add_action( 'plugins_loaded', array( $this, 'plugins_loaded' ) );- add_action( 'admin_enqueue_scripts', array( $this, 'enqueue_assets' ) );- add_action( 'wp_enqueue_scripts', array( $this, 'enqueue_assets' ) );- add_action( 'wp_print_scripts', array( $this, 'global_js' ) );- add_action( 'template_redirect', 'hb_handle_purchase_request', 999 );- // add_action( 'admin_init', array( $this, 'create_tables' ) );- register_activation_hook( plugin_basename( __FILE__ ), array( $this, 'install' ) );- register_deactivation_hook( plugin_basename( __FILE__ ), array( $this, 'uninstall' ) );- add_action( 'plugin_loaded', function() {- if ( ! get_option( 'hotel_booking_version', false ) ) {- $this->install();- }- } );-- add_action( 'init', array( $this, 'init' ), 20 );-- // create new blog in multisite- add_action( 'wp_initialize_site', array( $this, 'create_new_blog' ), 10, 2 );- // multisite delete table in multisite- add_filter( 'wpmu_drop_tables', array( $this, 'delete_blog_table' ) );-- add_action( 'admin_init', array( $this, 'deactivate_plugins_old' ) );-- /**- * Load Widgets support Elementor- *- * This hook has from THIM_EKIT_VERSION 1.3.1- */- add_action(- 'thim_ekit/modules/handle',- function () {- $this->_include( '/includes/elementor/modules/class-init.php' );- }- );- }-- public function init() {- // load text domain- $this->load_text_domain();- // cart- $this->cart = WPHB_Cart::instance();- // user- $this->user = hb_get_current_user();-- // Check Elementor, Thim El Kit is active.- if ( class_exists( 'Thim_EL_Kit' ) && defined( 'ELEMENTOR_VERSION' )- && version_compare( THIM_EKIT_VERSION, '1.3.0', '<=' ) ) {- // Load Widgets support Elementor- $this->_include( '/includes/elementor/modules/class-init.php' );- }- }-- // public function create_tables() {- // WPHB_Install::create_tables();- // WPHB_Install::create_pages();- // }-- // install hook- public function install() {- WPHB_Install::install();- $this->_include( 
'includes/class-wphb-roles.php' );- }-- // uninstall hook- public function uninstall() {- WPHB_Install::uninstall();- }-- // create new blog table- public function create_new_blog( $new_site, $args ) {- WPHB_Install::create_new_blog( $new_site, $args );- }-- // delete table when delete blog, multisite- public function delete_blog_table( $tables ) {- return WPHB_Install::delete_tables( $tables );- }-- /**- * Deactive plugin already merge to core wp-hotel-booking- */- public function deactivate_plugins_old() {-- $flag = version_compare( get_option( 'hotel_booking_version' ), WPHB_VERSION, '>=' );- if ( $flag ) {- $plugins = apply_filters(- '_hb_deactivate_plugins_old',- array(- 'wp-hotel-booking-block-room/wp-hotel-booking-block.php',- 'wp-hotel-booking-coupon/wp-hotel-booking-coupon.php',- 'wp-hotel-booking-report/wp-hotel-booking-report.php',- 'wp-hotel-booking-booking-room/wp-hotel-booking-room.php',- )- );- foreach ( $plugins as $plugin ) {- if ( in_array( $plugin, apply_filters( 'active_plugins', get_option( 'active_plugins' ) ) ) ) {- deactivate_plugins( $plugin );- if ( isset( $_GET['activate'] ) ) {- unset( $_GET['activate'] );- }- }- }- }- }-- /**- * Include a file- *- * @param string- * @param bool- * @param array- */- public function _include( $file, $root = true, $args = array(), $unique = true ) {- if ( $root ) {- $file = $this->plugin_path( $file );- }- if ( is_array( $args ) ) {- extract( $args );- }-- if ( file_exists( $file ) ) {- if ( $unique ) {- require_once $file;- } else {- require $file;- }- }- }-- /**- * Get the full path of a file- *- * @param string- *- * @return string- */- public function locate( $file ) {- return $this->_plugin_path . '/' . $file;- }-- /**- * Includes common files and libraries- */- public function includes() {- include_once WPHB_PLUGIN_PATH . '/vendor/autoload.php';- $this->include_files_global();-- if ( is_admin() ) {- $this->admin_includes();- }-- if ( ! 
is_admin() ) {- $this->frontend_includes();- }-- CheckRoomsTemplate::instance()->init();- ArchiveRoomTemplate::instance()->init();- AdminExternalLinkIconSetting::instance()->init();- SingleRoomExternalLinkTemplate::instance()->init();- }--- public function include_files_global() {- $this->_include( 'includes/class-wphb-autoloader.php' );- $this->_include( 'includes/class-wphb-template-loader.php' );- $this->_include( 'includes/class-wphb-ajax.php' );- $this->_include( 'includes/class-wphb-install.php' );- $this->_include( 'includes/class-wphb-rest-response.php' );-- $this->_include( 'includes/class-wphb-gdpr.php' );- $this->_include( 'includes/class-wphb-helpers.php' );-- $this->_include( 'includes/class-wphb-post-types.php' );- $this->_include( 'includes/wphb-core-functions.php' );- $this->_include( 'includes/wphb-functions.php' );- $this->_include( 'includes/class-wphb-resizer.php' );-- $this->_include( 'includes/class-wphb-settings.php' );- $this->_include( 'includes/class-wphb-comments.php' );- $this->_include( 'includes/wphb-template-hooks.php' );- $this->_include( 'includes/wphb-template-functions.php' );- $this->_include( 'includes/wphb-widget-functions.php' );- $this->_include( 'includes/admin/helpers/class-wphb-override-template.php' );-- // booking- $this->_include( 'includes/booking/wphb-booking-functions.php' );- $this->_include( 'includes/booking/wphb-booking-hooks.php' );- $this->_include( 'includes/booking/class-wphb-booking.php' );- $this->_include( 'includes/booking/class-wphb-booking-block.php' );- $this->_include( 'includes/booking/class-wphb-booking-room-available.php' );-- // users- $this->_include( 'includes/user/wphb-user-functions.php' );- $this->_include( 'includes/user/class-wphb-user.php' );- // $this->_include( 'includes/class-wphb-roles.php' );-- // products- $this->_include( 'includes/products/class-wphb-abstract-product.php' );- $this->_include( 'includes/products/class-wphb-product-room.php' );- // end products-- $this->_include( 
'includes/room/wphb-room-functions.php' );- $this->_include( 'includes/room/class-wphb-room.php' );- $this->_include( 'includes/plugins/wp-hotel-booking-extra/wp-hotel-booking-extra.php' );- // // end addon-- $this->_include( 'includes/class-wphb-sessions.php' );- // cart- $this->_include( 'includes/cart/wphb-cart-functions.php' );- $this->_include( 'includes/cart/class-wphb-cart.php' );- $this->_include( 'includes/gateways/class-wphb-payment-gateway-base.php' );-- $this->_include( 'includes/wphb-webhooks.php' );-- // rest api- $this->_include( 'includes/abstracts/class-wphb-abstract-rest-api.php' );- $this->_include( 'includes/abstracts/class-wphb-abstract-rest-controller.php' );- $this->_include( 'includes/rest-api/class-wphb-core-api.php' );- $this->_include( 'includes/rest-api/class-wphb-admin-core-api.php' );-- // wphb booking single rooms- $this->_include( 'includes/room/class-wphb-booking-room.php' );-- // coupon hooks- $this->_include( 'includes/coupons/class-wphb-coupon-hooks.php' );-- // block template- $this->_include( 'includes/abstracts/class-wphb-asbtract-block-template.php' );- $this->_include( 'includes/class-wphb-block-template-config.php' );-- //meta boxes- $this->_include( 'includes/class-wphb-meta-box.php' );-- //template-hook- $this->_include( 'includes/template-hooks/class-wphb-search.php' );- }--- public function frontend_includes() {- // shortcodes- $this->_include( 'includes/shortcodes/class-wphb-abstract-shortcodes.php' );- $this->_include( 'includes/shortcodes/class-wphb-shortcode-hotel-booking-cart.php' );- $this->_include( 'includes/shortcodes/class-wphb-shortcode-hotel-booking-account.php' );- $this->_include( 'includes/shortcodes/class-wphb-shortcode-hotel-booking-checkout.php' );- $this->_include( 'includes/shortcodes/class-wphb-shortcode-hotel-booking-thankyou.php' );- $this->_include( 'includes/shortcodes/class-wphb-shortcode-hotel-booking-lastest-reviews.php' );- $this->_include( 
'includes/shortcodes/class-wphb-shortcode-hotel-booking-best-reviews.php' );- $this->_include( 'includes/shortcodes/class-wphb-shortcode-hotel-booking-rooms.php' );- $this->_include( 'includes/shortcodes/class-wphb-shortcode-hotel-booking-mini-cart.php' );- $this->_include( 'includes/shortcodes/class-wphb-shortcode-hotel-booking-slider.php' );- $this->_include( 'includes/shortcodes/class-wphb-shortcode-hotel-booking.php' );- $this->_include( 'includes/shortcodes/class-wphb-shortcode-hotel-booking-filter.php' );- // end shortcodes-- if ( ! class_exists( 'Aq_Resize' ) ) {- $this->_include( 'includes/aq_resizer.php' );- }- }-- public function admin_includes() {- $this->_include( 'includes/admin/class-wphb-admin.php' );- }-- // load payments addons- /*public function plugins_loaded() {- // load text domain- $this->load_text_domain();- }*/-- /**- * Get the path of the plugin with sub path- *- * @param string $sub- *- * @return string- */- public function plugin_path( $sub = '' ) {- if ( ! $this->_plugin_path ) {- $this->_plugin_path = untrailingslashit( plugin_dir_path( __FILE__ ) );- }-- return $this->_plugin_path . '/' . $sub;- }-- /**- * Get the url of the plugin with sub path- *- * @param string $sub- *- * @return string- */- public function plugin_url( $sub = '' ) {- if ( ! $this->_plugin_url ) {- $this->_plugin_url = untrailingslashit( plugins_url( '/', __FILE__ ) );- }-- return $this->_plugin_url . '/' . $sub;- }-- /**- * Load language for the plugin- */- public function load_text_domain() {- // prefix- $prefix = basename( dirname( plugin_basename( __FILE__ ) ) );- $locale = get_locale();- $dir = $this->plugin_path( 'languages' );- $mofile = false;-- $global_file = WP_LANG_DIR . '/plugins/' . $prefix . '-' . $locale . '.mo';- $plugin_file = $dir . '/' . $prefix . '-' . $locale . 
'.mo';-- if ( file_exists( $global_file ) ) {- $mofile = $global_file;- } elseif ( file_exists( $plugin_file ) ) {- $mofile = $plugin_file;- }-- if ( $mofile ) {- // In themes/plugins/mu-plugins directory- load_textdomain( 'wp-hotel-booking', $mofile );- }- }-- /**- * Enqueue assets for the plugin- */- public function enqueue_assets() {- $v_rand = uniqid();- $version = WPHB_VERSION;- $min = '.min';- if ( WPHB_Settings::is_debug() ) {- $min = '';- $version = $v_rand;- }-- $dependencies = array(- 'jquery',- 'jquery-ui-sortable',- 'jquery-ui-datepicker',- 'wp-util',- 'wp-api-fetch',- );-- // Register styles- wp_register_style( 'wphb-ui-slider', $this->plugin_url( 'assets/lib/slider/nouislider.min.css' ) );- wp_register_style( 'wp-hotel-booking-libaries-style', $this->plugin_url( 'assets/css/libraries.css' ) );- wp_register_style( 'wp-hotel-booking-review-gallery', $this->plugin_url( "assets/css/review-gallery{$min}.css" ), [], $version );- wp_register_style( 'wp-admin-hotel-booking', $this->plugin_url( "assets/css/admin/admin.tp-hotel-booking{$min}.css" ), [], $version );- wp_register_style( 'wp-admin-single-room-v2', $this->plugin_url( "assets/css/admin/admin-single-room{$min}.css" ) );- wp_register_style( 'wp-admin-review-image', $this->plugin_url( "assets/css/admin/review-image{$min}.css" ), [], $v_rand );- wp_register_style( 'wp-admin-hotel-booking-fullcalendar', $this->plugin_url( 'assets/css/fullcalendar.min.css' ) );- wp_register_style( 'wp-hotel-booking', $this->plugin_url( 'assets/css/hotel-booking.css' ), [], WPHB_VERSION );- wp_register_style( 'wp-hotel-booking-theme-default', $this->plugin_url( 'assets/css/theme-default.css' ), [], rand() );- wp_register_style( 'wp-admin-hotel-booking-calendar-v2', $this->plugin_url( 'assets/css/admin/main.min.css' ) );- wp_register_style( 'tingle-css', $this->plugin_url( 'assets/lib/tingle.css' ) );- wp_register_style( 'flatpickr-css', $this->plugin_url( 'assets/lib/flatpickr.min.css' ) );- wp_register_style( 
'wphb-single-room-css', WPHB_PLUGIN_URL . '/assets/css/booking-single-room.css', [], $version );- // End Register styles-- // Register scripts- // select2- wp_register_script( 'wp-admin-hotel-booking-select2', $this->plugin_url( 'assets/js/select2.min.js' ) );- // dropdown pages- wp_register_script( 'wphb-dropdown-pages', $this->plugin_url( 'assets/js/admin/dropdown-pages.js' ) );- // moment- wp_register_script( 'wp-hotel-booking-moment', $this->plugin_url( 'assets/js/moment.min.js' ) );- //nouiSlider- wp_register_script( 'wphb-ui-slider', $this->plugin_url( 'assets/lib/slider/nouislider.min.js' ) );-- $dependencies = array_merge( $dependencies, array( 'backbone' ) );- if ( is_admin() ) {- $screen = get_current_screen();- if ( $screen->base === 'edit-tags' && ( $screen->taxonomy === 'hb_room_type' || $screen->taxonomy === 'hb_room_capacity' ) ) {- wp_register_script(- 'wp-admin-hotel-booking',- $this->plugin_url( 'assets/js/admin/admin.room-taxonomies.js' ),- $dependencies,- false,- true- );- } else if ( $screen && WPHB_ROOM_CT === $screen->post_type && 'post' === $screen->base ) {- wp_register_script(- 'wphb-admin-room-external-link',- $this->plugin_url( "assets/dist/js/admin/room-external-link{$min}.js" ),- $dependencies,- false,- true- );- }- }-- wp_register_script(- 'wp-admin-hotel-booking',- $this->plugin_url( "assets/js/admin/admin.hotel-booking{$min}.js" ),- array_merge( $dependencies, array( 'wphb-dropdown-pages' ) ),- $v_rand- );- wp_register_script(- 'wp-admin-room-filter',- $this->plugin_url( "assets/js/admin/room-filter{$min}.js" ),- array_merge( $dependencies, array() ),- $v_rand- );-- wp_register_script( 'wp-admin-hotel-booking-fullcalendar', $this->plugin_url( 'assets/js/fullcalendar.min.js' ), $dependencies );-- wp_register_script(- 'wp-hotel-booking',- $this->plugin_url( "assets/dist/js/frontend/hotel-booking{$min}.js" ),- $dependencies,- $version,- array(- 'strategy' => 'defer',- )- );- wp_register_script(- 'wp-hotel-booking-v2',- 
$this->plugin_url( "assets/dist/js/frontend/hotel-booking-v2{$min}.js" ),- $dependencies,- $version,- array(- 'strategy' => 'defer',- )- );- wp_register_script(- 'wp-hotel-booking-sort-by',- $this->plugin_url( "assets/dist/js/frontend/sort-by{$min}.js" ),- array(),- $version,- array(- 'strategy' => 'defer',- )- );- wp_register_script(- 'wp-hotel-booking-filter-by',- $this->plugin_url( "assets/dist/js/frontend/filter-by{$min}.js" ),- array(),- $version,- array(- 'strategy' => 'defer',- )- );- wp_register_script(- 'wp-hotel-booking-room-review',- $this->plugin_url( "assets/dist/js/frontend/room-review{$min}.js" ),- array(),- $version,- array(- 'strategy' => 'defer',- )- );-- wp_localize_script( 'wp-hotel-booking', 'hotel_booking_i18n', hb_i18n() );-- // rooms slider widget- wp_register_script( 'wp-hotel-booking-gallery', $this->plugin_url( 'includes/libraries/camera/js/gallery.min.js' ), $dependencies ); // old camera- wp_register_script( 'flexslider', $this->plugin_url( 'includes/libraries/flexslider/jquery.flexslider.min.js' ), $dependencies, WPHB_VERSION ); // new flexslider-- // owl carousel- wp_register_script( 'wp-hotel-booking-owl-carousel', $this->plugin_url( 'includes/libraries/owl-carousel/owl.carousel.min.js' ), $dependencies );-- // calendar v2 : move addon to single rooms- wp_register_script( 'wp-admin-hotel-booking-calendar-v2', $this->plugin_url( 'assets/js/admin/main.min.js' ), $dependencies );- wp_register_script( 'wp-admin-hotel-booking-v2', $this->plugin_url( 'assets/js/admin/admin.hotel-booking-v2.js' ), $dependencies, WPHB_VERSION );-- // Single room script.- wp_register_script(- 'wphb-single-room-js',- WPHB_PLUGIN_URL . 
"/assets/dist/js/frontend/wphb-single-room{$min}.js",- [],- $version,- [ 'strategy' => 'defer' ]- );- // End Register scripts-- if ( is_admin() ) {- wp_enqueue_style( 'wp-admin-hotel-booking' );- wp_localize_script( 'wp-admin-hotel-booking', 'hotel_booking_i18n', hb_admin_i18n() );- wp_enqueue_script( 'wp-admin-hotel-booking' );- wp_enqueue_script( 'wp-admin-room-filter' );- wp_enqueue_script( 'backbone' );- wp_enqueue_style( 'wp-admin-single-room-v2' );- wp_enqueue_style( 'wp-admin-review-image' );-- // report- wp_enqueue_script( 'jquery' );- wp_enqueue_script( 'jquery-ui-core' );- wp_enqueue_script( 'jquery-ui-autocomplete' );-- /* fullcalendar */- wp_enqueue_script( 'wp-hotel-booking-moment' );- wp_enqueue_style( 'wp-admin-hotel-booking-fullcalendar' );- wp_enqueue_script( 'wp-admin-hotel-booking-fullcalendar' );-- } else {- wp_enqueue_style( 'wphb-ui-slider' );- wp_enqueue_style( 'wp-hotel-booking' );- wp_enqueue_style( 'wp-hotel-booking-theme-default' );- wp_enqueue_style( 'wp-hotel-booking-review-gallery' );-- wp_enqueue_script( 'wp-hotel-booking' );- wp_enqueue_script( 'wp-hotel-booking-v2' );- wp_enqueue_script( 'wp-hotel-booking-sort-by' );- wp_enqueue_script( 'wp-hotel-booking-filter-by' );- wp_enqueue_script( 'wp-hotel-booking-room-review' );- wp_enqueue_style( 'flatpickr-css' );-- // Load scripts and styles for single room- if ( is_singular( 'hb_room' ) ) {- wp_enqueue_style( 'tingle-css' );- wp_enqueue_style( 'wphb-single-room-css' );- wp_enqueue_script( 'wphb-single-room-js' );- wp_enqueue_script( 'wp-hotel-booking-gallery' );- wp_enqueue_script( 'flexslider' );-- global $post;-- $max_images = hb_settings()->get( 'max_review_image_number' );- if ( empty( $max_images ) ) {- $max_images = 10;- }-- $max_file_size = hb_settings()->get( 'max_review_image_file_size' );-- if ( empty( $max_file_size ) ) {- $max_file_size = 1000000;- }-- $is_enable = intval( hb_settings()->get( 'enable_advanced_review' ) ) === 1;-- wp_localize_script(- 
'wp-hotel-booking-room-review',- 'HB_ROOM_REVIEW_GALLERY',- array(- 'room_id' => $post->ID,- 'is_enable' => $is_enable,- 'max_images' => $max_images,- 'max_file_size' => $max_file_size,- 'max_image_error' => sprintf( esc_html__( 'The image number is greater than %s', 'wp-hotel-booking' ), $max_images ),- 'file_type_error' => esc_html__( 'The image file type is invalid', 'wp-hotel-booking' ),- 'max_file_size_error' => sprintf( esc_html__( 'The maximum file size is %s KB', 'wp-hotel-booking' ), $max_file_size ),- $max_file_size,- )- );- }-- // rooms slider widget- wp_enqueue_script( 'wp-hotel-booking-owl-carousel' );-- // booking in single rooms- //wp_enqueue_style( 'wp-hotel-booking-magnific-popup-css' );- wp_enqueue_script( 'wphb-ui-slider' );- //wp_enqueue_script( 'wp-hotel-booking-magnific-popup-js' );- }- wp_enqueue_style( 'wp-hotel-booking-libaries-style' );-- // select2- wp_enqueue_script( 'wp-admin-hotel-booking-select2' );- // wp_enqueue_script( 'colorpicker' );-- /* calendar v2 */- wp_enqueue_script( 'wp-admin-hotel-booking-calendar-v2' );- wp_enqueue_style( 'wp-admin-hotel-booking-calendar-v2' );- wp_enqueue_script( 'wp-admin-hotel-booking-v2' );- }-- /**- * Output global js settings- */- public function global_js() {-- if ( is_user_logged_in() && is_admin() ) {- $screen = get_current_screen();- }- $upload_dir = wp_upload_dir();- $upload_base_url = $upload_dir['baseurl'];- $min_booking_date = get_option( 'tp_hotel_booking_minimum_booking_day' ) ? get_option( 'tp_hotel_booking_minimum_booking_day' ) : 0;- $cart_page_url = ! empty( hb_settings()->get( 'cart_page_id' ) ) ? get_permalink( hb_settings()->get( 'cart_page_id' ) ) : '';- $checkout_page_url = ! empty( hb_settings()->get( 'checkout_page_id' ) ) ? 
get_permalink( hb_settings()->get( 'checkout_page_id' ) ) : '';- $currency = get_option( 'tp_hotel_booking_currency', 'USD' );- $currency_symbol = hb_get_currency_symbol( $currency );- $thousands_separator = get_option( 'tp_hotel_booking_price_thousands_separator' ) ? get_option( 'tp_hotel_booking_price_thousands_separator' ) : ',';- $decimals_separator = get_option( 'tp_hotel_booking_price_decimals_separator' ) ? get_option( 'tp_hotel_booking_price_decimals_separator' ) : '.';- $number_decimal = get_option( 'tp_hotel_booking_price_number_of_decimal' ) ? get_option( 'tp_hotel_booking_price_number_of_decimal' ) : '0';- ?>- <script type="text/javascript">- var hotel_settings = {- cart_page_url: '<?php echo esc_url( $cart_page_url ); ?>',- checkout_page_url: '<?php echo esc_url( $checkout_page_url ); ?>',- site_url: '<?php echo esc_url( site_url() ); ?>',- ajax: '<?php echo esc_url( admin_url( 'admin-ajax.php' ) ); ?>',- settings: <?php echo WPHB_Settings::instance()->toJson( apply_filters( 'hb_settings_fields', array( 'review_rating_required' ) ) ); ?>,- upload_base_url: '<?php echo esc_js( $upload_base_url ); ?>',- meta_key: {- prefix: '_hb_'- },- date_format: '<?php echo get_option( 'date_format' ); ?>',- nonce: '<?php echo esc_html( wp_create_nonce( 'hb_booking_nonce_action' ) ); ?>',- timezone: '<?php echo esc_html( current_time( 'timestamp' ) ); ?>',- min_booking_date: <?php echo esc_html( $min_booking_date ); ?>,- wphb_rest_url: '<?php echo get_rest_url(); ?>',- wphb_rest_nonce: '<?php echo wp_create_nonce( 'wp_rest' ); ?>',- is_page_search: <?php echo is_page( hb_get_page_id( 'search' ) ) ? 1 : 0; ?>,- url_page_search: '<?php echo get_permalink( hb_get_page_id( 'search' ) ); ?>',- url_page_rooms: '<?php echo get_permalink( hb_get_page_id( 'rooms' ) ); ?>',- room_id: <?php echo isset( $screen->id ) && $screen->id == 'hb_room' ? 
get_the_ID() : 0; ?>,- block_dates:- <?php- $room_id = get_the_ID();- $selected_block = array();- if ( $room_id ) {- $calendar_id = get_post_meta( $room_id, 'hb_blocked_id', true );- if ( $calendar_id ) {- $selected_block = get_post_meta( $calendar_id, 'hb_blocked_time' );- }- }- echo json_encode( $selected_block );- ?>- ,- currency: '<?php echo $currency; ?>',- currency_symbol: '<?php echo $currency_symbol; ?>',- currency_position: '<?php echo get_option( 'tp_hotel_booking_price_currency_position', 'left' ); ?>',- thousands_separator: '<?php echo $thousands_separator; ?>',- decimals_separator: '<?php echo $decimals_separator; ?>',- number_decimal: '<?php echo $number_decimal; ?>',- user_id: '<?php echo get_current_user_id(); ?>',- include_tax:'<?php echo hb_price_including_tax() ? (float) WPHB_Settings::instance()->get( 'tax' ) : 0; ?>',- }- </script>- <?php- }-- /**- * Create an instance of the plugin if it is not created- *- * @static- * @return object|WP_Hotel_Booking- */- public static function instance() {- if ( is_null( self::$_instance ) ) {- self::$_instance = new self();- }-- return self::$_instance;- }-}--WP_Hotel_Booking::instance();-+<?php +/** + * Plugin Name: WP Hotel Booking + * Plugin URI: http://thimpress.com/ + * Description: Full of professional features for a booking room system + * Author: ThimPress + * Version: 2.2.8 + * Author URI: http://thimpress.com + * Text Domain: wp-hotel-booking + * Domain Path: /languages/ + * Requires PHP: 7.4 + * Requires at least: 6.0 + * @package wp-hotel-booking + */ + +use WPHB\TemplateHooks\CheckRoomsTemplate; +use WPHB\TemplateHooks\ArchiveRoomTemplate; +use WPHB\TemplateHooks\SingleRoomExternalLinkTemplate; +use WPHB\TemplateHooks\Admin\AdminExternalLinkIconSetting; + +defined( 'ABSPATH' ) || exit; + +const WPHB_FILE = __FILE__; +const WPHB_PLUGIN_PATH = __DIR__; +$default_headers = array( + 'Version' => 'Version', + 'TextDomain' => 'Text Domain', +); +$plugin_info = get_file_data( __FILE__, 
$default_headers, 'plugin' ); +define( 'WPHB_VERSION', $plugin_info['Version'] ); +define( 'WPHB_PLUGIN_URL', plugins_url( '', WPHB_FILE ) ); +define( 'WPHB_BLOG_ID', get_current_blog_id() ); +define( 'WPHB_TEMPLATES', WPHB_PLUGIN_PATH . '/templates/' ); +const TP_HB_EXTRA = __FILE__; +const WPHB_DEBUG = 1; +const WPHB_API_V2 = 1; +const WPHB_SHOW_FORM = 0; +const WPHB_ROOM_CT = 'hb_room'; + +/** + * Class WP_Hotel_Booking + */ +class WP_Hotel_Booking { + + /** + * Hold the instance of main class + * + * @var object + */ + protected static $_instance = null; + + /** + * Plugin path + * + * @var string + */ + protected $_plugin_path = null; + + /** + * Plugin URL + * + * @var string + */ + protected $_plugin_url = null; + + /** + * @var WPHB_Cart + */ + public $cart = null; + + /** + * @var null + */ + public $user = null; + + /** + * Construction + */ + private function __construct() { + $this->includes(); + + global $wpdb; + $wpdb->hotel_booking_order_items = $wpdb->prefix . 'hotel_booking_order_items'; + + //add_action( 'plugins_loaded', array( $this, 'plugins_loaded' ) ); + add_action( 'admin_enqueue_scripts', array( $this, 'enqueue_assets' ) ); + add_action( 'wp_enqueue_scripts', array( $this, 'enqueue_assets' ) ); + add_action( 'wp_print_scripts', array( $this, 'global_js' ) ); + add_action( 'template_redirect', 'hb_handle_purchase_request', 999 ); + // add_action( 'admin_init', array( $this, 'create_tables' ) ); + register_activation_hook( plugin_basename( __FILE__ ), array( $this, 'install' ) ); + register_deactivation_hook( plugin_basename( __FILE__ ), array( $this, 'uninstall' ) ); + add_action( 'plugin_loaded', function() { + if ( ! 
get_option( 'hotel_booking_version', false ) ) { + $this->install(); + } + } ); + + add_action( 'init', array( $this, 'init' ), 20 ); + + // create new blog in multisite + add_action( 'wp_initialize_site', array( $this, 'create_new_blog' ), 10, 2 ); + // multisite delete table in multisite + add_filter( 'wpmu_drop_tables', array( $this, 'delete_blog_table' ) ); + + add_action( 'admin_init', array( $this, 'deactivate_plugins_old' ) ); + + /** + * Load Widgets support Elementor + * + * This hook has from THIM_EKIT_VERSION 1.3.1 + */ + add_action( + 'thim_ekit/modules/handle', + function () { + $this->_include( '/includes/elementor/modules/class-init.php' ); + } + ); + } + + public function init() { + // load text domain + $this->load_text_domain(); + // cart + $this->cart = WPHB_Cart::instance(); + // user + $this->user = hb_get_current_user(); + + // Check Elementor, Thim El Kit is active. + if ( class_exists( 'Thim_EL_Kit' ) && defined( 'ELEMENTOR_VERSION' ) + && version_compare( THIM_EKIT_VERSION, '1.3.0', '<=' ) ) { + // Load Widgets support Elementor + $this->_include( '/includes/elementor/modules/class-init.php' ); + } + } + + // public function create_tables() { + // WPHB_Install::create_tables(); + // WPHB_Install::create_pages(); + // } + + // install hook + public function install() { + WPHB_Install::install(); + $this->_include( 'includes/class-wphb-roles.php' ); + } + + // uninstall hook + public function uninstall() { + WPHB_Install::uninstall(); + } + + // create new blog table + public function create_new_blog( $new_site, $args ) { + WPHB_Install::create_new_blog( $new_site, $args ); + } + + // delete table when delete blog, multisite + public function delete_blog_table( $tables ) { + return WPHB_Install::delete_tables( $tables ); + } + + /** + * Deactive plugin already merge to core wp-hotel-booking + */ + public function deactivate_plugins_old() { + + $flag = version_compare( get_option( 'hotel_booking_version' ), WPHB_VERSION, '>=' ); + if ( $flag ) 
{ + $plugins = apply_filters( + '_hb_deactivate_plugins_old', + array( + 'wp-hotel-booking-block-room/wp-hotel-booking-block.php', + 'wp-hotel-booking-coupon/wp-hotel-booking-coupon.php', + 'wp-hotel-booking-report/wp-hotel-booking-report.php', + 'wp-hotel-booking-booking-room/wp-hotel-booking-room.php', + ) + ); + foreach ( $plugins as $plugin ) { + if ( in_array( $plugin, apply_filters( 'active_plugins', get_option( 'active_plugins' ) ) ) ) { + deactivate_plugins( $plugin ); + if ( isset( $_GET['activate'] ) ) { + unset( $_GET['activate'] ); + } + } + } + } + } + + /** + * Include a file + * + * @param string + * @param bool + * @param array + */ + public function _include( $file, $root = true, $args = array(), $unique = true ) { + if ( $root ) { + $file = $this->plugin_path( $file ); + } + if ( is_array( $args ) ) { + extract( $args ); + } + + if ( file_exists( $file ) ) { + if ( $unique ) { + require_once $file; + } else { + require $file; + } + } + } + + /** + * Get the full path of a file + * + * @param string + * + * @return string + */ + public function locate( $file ) { + return $this->_plugin_path . '/' . $file; + } + + /** + * Includes common files and libraries + */ + public function includes() { + include_once WPHB_PLUGIN_PATH . '/vendor/autoload.php'; + $this->include_files_global(); + + if ( is_admin() ) { + $this->admin_includes(); + } + + if ( ! 
is_admin() ) { + $this->frontend_includes(); + } + + CheckRoomsTemplate::instance()->init(); + ArchiveRoomTemplate::instance()->init(); + AdminExternalLinkIconSetting::instance()->init(); + SingleRoomExternalLinkTemplate::instance()->init(); + } + + + public function include_files_global() { + $this->_include( 'includes/class-wphb-autoloader.php' ); + $this->_include( 'includes/class-wphb-template-loader.php' ); + $this->_include( 'includes/class-wphb-ajax.php' ); + $this->_include( 'includes/class-wphb-install.php' ); + $this->_include( 'includes/class-wphb-rest-response.php' ); + + $this->_include( 'includes/class-wphb-gdpr.php' ); + $this->_include( 'includes/class-wphb-helpers.php' ); + + $this->_include( 'includes/class-wphb-post-types.php' ); + $this->_include( 'includes/wphb-core-functions.php' ); + $this->_include( 'includes/wphb-functions.php' ); + $this->_include( 'includes/class-wphb-resizer.php' ); + + $this->_include( 'includes/class-wphb-settings.php' ); + $this->_include( 'includes/class-wphb-comments.php' );
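Review bot: In the `wp_localize_script( 'wp-hotel-booking-room-review', 'HB_ROOM_REVIEW_GALLERY', array( ... ) )` call inside the `is_singular( 'hb_room' )` branch, the trailing bare `$max_file_size,` after `'max_file_size_error' => sprintf( ... )` adds an unnamed element at key `0` to the localized object; it duplicates the `'max_file_size'` entry above it and looks like a leftover from editing the `sprintf()` arguments, so it should be removed. The units also deserve a check: the default is `$max_file_size = 1000000` while the message reads `'The maximum file size is %s KB'`; if the limit is enforced in bytes the label is wrong, and if it is KB the default is about 1 GB, so the two should be reconciled.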
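Review bot: In `global_js()` on the removed side (the added side of this function lies past the visible portion, so confirm it is unchanged there), `nonce: '<?php echo esc_html( wp_create_nonce( 'hb_booking_nonce_action' ) ); ?>'` and `wphb_rest_nonce: '<?php echo wp_create_nonce( 'wp_rest' ); ?>'` are printed through the `wp_print_scripts` hook into every front-end page, for logged-out visitors as well. A nonce that any visitor can read from the page source only shows the request originated from a page the site served, not who sent it, so every AJAX or REST handler that verifies `hb_booking_nonce_action` still needs its own `current_user_can()` or ownership check before returning customer data; the advisory text under this diff describes exactly that gap for `hotel_booking_fetch_customer_info`. If anonymous visitors do not need the booking nonce, emit it only when `is_user_logged_in()`.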
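Review bot: `global_js()` escapes some values and not others: `currency: '<?php echo $currency; ?>'`, `date_format: '<?php echo get_option( 'date_format' ); ?>'` and `url_page_search: '<?php echo get_permalink( hb_get_page_id( 'search' ) ); ?>'` (likewise `currency_symbol`, `currency_position`, `thousands_separator`, `decimals_separator`, `number_decimal`, `wphb_rest_url`, `url_page_rooms`, `user_id`) are dropped into single-quoted JS strings unescaped, while neighbouring keys use `esc_url()` / `esc_js()`. These values come from options, so only a site administrator can set them, but a stray quote in a separator or currency-symbol option breaks the whole settings object and the inconsistency makes the block hard to review. Wrap each in `esc_js()` (or `esc_url()` for the URLs), or build the array in PHP and emit it once with `wp_json_encode()` via `wp_add_inline_script()`, which also fixes `min_booking_date: <?php echo esc_html( $min_booking_date ); ?>`, where `esc_html()` is the wrong context for an unquoted JS value.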
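Review bot: `const WPHB_DEBUG = 1;` is hard-coded in the bootstrap of the added side for a release build; whatever that constant gates (verbose logging, error display, cache bypass) should default to `0` in shipped code, with the override left to `wp-config.php` or a filter. The same block also defines `TP_HB_EXTRA = __FILE__` alongside `WPHB_FILE = __FILE__`, which is either a compatibility alias that deserves a one-line comment or a leftover to remove.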
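Review bot: `_include()` calls `extract( $args )` before `require`, so any key in a caller-supplied `$args` array becomes a local variable in the included file, including `$file`, `$root` and `$unique` themselves, and when `$root` is false the path is used as given with no check that it stays inside the plugin directory. The callers visible here pass no `$args`, so this is a hardening and documentation point rather than a live defect: use `extract( $args, EXTR_SKIP )` or pass `$args` to the included file explicitly, and complete the docblock, which lists `@param string`, `@param bool`, `@param array` without names and omits the fourth parameter `$unique`.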
I'll analyze this security-focused code diff for the WP Hotel Booking plugin version update from 2.2.7 to 2.2.8. Based on my review of the provided diff, here are my findings:

---

**Vulnerability Existed: no**

**No CWE Identified - Line Ending Normalization - wp-hotel-booking.php (Lines 1-734)**

**Old Code:**
```
File with Windows/Mixed line endings (CRLF or Mixed)
```

**Fixed Code:**
```
File normalized to Unix line endings (LF)
```

**Explanation:**
This diff shows a line-ending normalization rather than a security fix. The entire file has been converted from Windows-style line endings (CRLF - Carriage Return + Line Feed) or mixed line endings to Unix-style line endings (LF - Line Feed only). This is visible from the diff markers and timestamp changes but does not represent any functional code changes or security vulnerability fixes. The only substantive change in the visible portion is the version number update from 2.2.7 to 2.2.8 in the plugin header (line 7). This normalization actually improves code consistency but is not a security fix.

---

**Analysis Summary:**
- No security vulnerabilities were identified in this diff
- No CWE violations are present
- The change is cosmetic (line ending normalization) with only a version bump as a functional change
- All security-sensitive functions remain unchanged
The WP Hotel Booking plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.7. This is due to the plugin exposing the 'hotel_booking_fetch_customer_info' AJAX action to unauthenticated users without proper capability checks, relying only on a nonce for protection. This makes it possible for unauthenticated attackers to retrieve sensitive customer information including full names, addresses, phone numbers, and email addresses by providing a valid email address and a publicly accessible nonce.