Arbitrary File Upload leading to RCE in E4J s.r.l. VikBooking Hotel Booking Engine & PMS plugin <= 1.5.3 on WordPress allows attackers to upload and execute dangerous file types (e.g. PHP shell) via the signature upload on the booking form.
CPE | Name | Operator | Version |
---|---|---|---|
vikbooking_hotel_booking_engine_\\&_property_management_system_plugin | le | 1.5.3 |