CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/05/27 11:16 a.m.•7 views

CVE-2026-42737

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS vikbooking allows Path Traversal.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through = 1.8.9...

8.6CVSS0.00063EPSS

EUVD•added 2026/05/27 9:49 a.m.•8 views

EUVD-2026-32209

7.1CVSS5.8AI score0.00036EPSS

Cvelist•added 2026/05/27 9:49 a.m.•26 views

CVE-2026-42762 WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.9 - Cross Site Scripting (XSS) vulnerability

7.1CVSS0.00036EPSS

EUVD•added 2026/05/27 9:49 a.m.•3 views

EUVD-2026-32189

CVE•added 2026/05/27 9:49 a.m.•10 views

CVE-2026-42737

CVE-2026-42737 affects the WordPress VikBooking Hotel Booking Engine & PMS plugin (≤1.8.9). The issue is an improper limitation of a pathname to a restricted directory (path traversal), enabling potential arbitrary file deletion. The CVSS 3.1 base score is 8.6 (HIGH) with Network attack, no user ...

Cvelist•added 2026/05/27 9:49 a.m.•27 views

CVE-2026-42737 WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.9 - Arbitrary File Deletion vulnerability

8.6CVSS0.00063EPSS

ATTACKERKB•added 2026/05/27 9:49 a.m.•5 views

CVE-2026-42737

Vulnrichment•added 2026/05/27 9:49 a.m.•7 views

CVE-2026-42737 WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.9 - Arbitrary File Deletion vulnerability

Patchstack•added 2026/05/27 6:20 a.m.•5 views

WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.10 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by dodoh4t in WordPress Plugin VikBooking Hotel Booking Engine & PMS versions = 1.8.10...

Exploits0Affected Software1

CNNVD•added 2026/05/27 12:0 a.m.•6 views

WordPress plugin VikBooking Hotel Booking Engine & PMS 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.1CVSS5.7AI score0.00036EPSS

CNNVD•added 2026/05/27 12:0 a.m.•7 views

WordPress plugin VikBooking Hotel Booking Engine & PMS 路径遍历漏洞

Positive Technologies•added 2026/05/27 12:0 a.m.•6 views

PT-2026-43670

7.1CVSS5.8AI score0.00036EPSS

Positive Technologies•added 2026/05/27 12:0 a.m.•4 views

PT-2026-43649

Tenable Nessus•added 2026/01/16 12:0 a.m.•1 views

MiracleLinux 7 : groovy-1.8.9-8.el7 (AXSA:2017-2200:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2200:01 advisory. Groovy is an agile and dynamic language for the Java Virtual Machine, built upon Java with features inspired by languages like Python, Ruby and Smalltalk. It...

9.8CVSS8AI score0.24315EPSS

EUVD•added 2025/12/24 3:30 p.m.•2 views

EUVD-2025-205283

Cross-Site Request Forgery CSRF vulnerability in titopandub Evergreen Post Tweeter evergreen-post-tweeter allows Stored XSS.This issue affects Evergreen Post Tweeter: from n/a through = 1.8.9...

8.8CVSS6.1AI score0.00015EPSS

NVD•added 2025/12/24 1:16 p.m.•2 views

CVE-2025-67622

Cross-Site Request Forgery CSRF vulnerability in titopandub Evergreen Post Tweeter evergreen-post-tweeter allows Stored XSS.This issue affects Evergreen Post Tweeter: from n/a through = 1.8.9...

7.1CVSS0.00015EPSS

CVE•added 2025/12/24 1:10 p.m.•3 views

CVE-2025-67622

Technical details for CVE-2025-67622 are not provided in the supplied documents. Monitor for updates from official advisories; current data mentions CSRF and Stored XSS claims but lacks concrete product/version/impact details.

7.1CVSS6.3AI score0.00015EPSS