Vulnerabilities > Vikwp > High

DATE CVE VULNERABILITY TITLE RISK
2023-11-09 CVE-2023-32501 Unspecified vulnerability in Vikwp Vikbooking Hotel Booking Engine & PMS
Cross-Site Request Forgery (CSRF) vulnerability in E4J s.R.L.
network
low complexity
vikwp
8.8
2023-05-23 CVE-2023-25707 Unspecified vulnerability in Vikwp Vikbooking Hotel Booking Engine & PMS
Cross-Site Request Forgery (CSRF) vulnerability in E4J s.R.L.
network
low complexity
vikwp
8.8
2022-05-16 CVE-2022-1409 Unspecified vulnerability in Vikwp Hotel Booking Engine & PMS
The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.8 does not properly validate images, allowing high privilege users such as administrators to upload PHP files disguised as images and containing malicious PHP code
network
low complexity
vikwp
7.2