Vikwp Hotel Booking Engine & Pms — known CVE vulnerabilities
Every CVE whose affected-product data names Vikwp Hotel Booking Engine & Pms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2022-1409 — CVSS 7.2 (high): The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.8 does not properly validate images, allowing high privilege users…
CVE-2022-1407 — CVSS 6.5 (medium): The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.8 does not have CSRF check in place when adding a tracking campaign…
CVE-2022-1408 — CVSS 4.8 (medium): The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.8 does not escape various settings before outputting them in…