The WP Hotel Booking plugin for WordPress is vulnerable to a security issue. Attackers can take advantage of this vulnerability to access sensitive information from the database. This vulnerability affects all versions of the plugin up to and including version 2.0.7. It is caused by not properly escaping user input and not properly preparing the existing SQL query.