Known Vulnerabilities for products from Vikwp
Listed below are 10 of the newest known vulnerabilities associated with the vendor "Vikwp".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-32501 json | Cross-Site Request Forgery (CSRF) vulnerability in E4J s.R.L. VikBooking Hotel Booking Engine & PMS plugin <= 1.6.1 versions... | Not Provided | 2023-11-09 | 2026-04-28 |
| CVE-2023-25707 json | Cross-Site Request Forgery (CSRF) vulnerability in E4J s.R.L. VikBooking Hotel Booking Engine & PMS plugin <= 1.5.12 version... | 8.8 - HIGH | 2023-05-23 | 2023-05-26 |
| CVE-2023-24396 json | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in E4J s.R.L. VikBooking Hotel Booking Engine & PMS plugin <= ... | 4.8 - MEDIUM | 2023-04-06 | 2023-11-07 |
| CVE-2022-27863 json | Sensitive Information Exposure in E4J s.r.l. VikBooking Hotel Booking Engine & PMS plugin <= 1.5.3 on WordPress allows attack... | 5.3 - MEDIUM | 2022-04-19 | 2022-04-28 |
| CVE-2022-27862 json | Arbitrary File Upload leading to RCE in E4J s.r.l. VikBooking Hotel Booking Engine & PMS plugin <= 1.5.3 on WordPress allows ... | 9.8 - CRITICAL | 2022-04-19 | 2022-04-28 |
| CVE-2022-1528 json | The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.9 does not escape the current URL before putting it bac... | 6.1 - MEDIUM | 2022-05-30 | 2022-06-08 |
| CVE-2022-1409 json | The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.8 does not properly validate images, allowing high priv... | 7.2 - HIGH | 2022-05-16 | 2022-05-24 |
| CVE-2022-1408 json | The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.8 does not escape various settings before outputting th... | 4.8 - MEDIUM | 2022-05-16 | 2022-05-24 |
| CVE-2022-1407 json | The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.8 does not have CSRF check in place when adding a track... | 6.5 - MEDIUM | 2022-05-16 | 2022-05-24 |
| CVE-2021-24519 json | The VikRentCar Car Rental Management System WordPress plugin before 1.1.10 does not sanitise the 'Text Next to Icon' field wh... | 4.8 - MEDIUM | 2021-08-16 | 2021-08-23 |