Vikwp - Hotel Booking Engine \& Pms CVE

Filtered by vendor Vikwp Subscribe

Filtered by product Hotel Booking Engine \& Pms

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-1409	1 Vikwp	1 Hotel Booking Engine \& Pms	2022-05-24	6.5 MEDIUM	7.2 HIGH
The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.8 does not properly validate images, allowing high privilege users such as administrators to upload PHP files disguised as images and containing malicious PHP code

Vulnerabilities (CVE)