Lucene search
K

4 matches found

NVD
NVD
added yesterday7 views

CVE-2026-12754

The VikBooking Hotel Booking Engine & PMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'layoutstyle' parameter in all versions up to, and including, 1.8.12 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

6.1CVSS0.00293EPSS
Exploits0References5
Cvelist
Cvelist
added yesterday8 views

CVE-2026-12754 VikBooking Hotel Booking Engine & PMS <= 1.8.12 - Reflected Cross-Site Scripting via 'layoutstyle' Parameter

The VikBooking Hotel Booking Engine & PMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'layoutstyle' parameter in all versions up to, and including, 1.8.12 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

6.1CVSS0.00293EPSS
Exploits0References5
CVE
CVE
added yesterday8 views

CVE-2026-12754

The CVE concerns the VikBooking Hotel Booking Engine & PMS plugin for WordPress, vulnerable to Reflected Cross-Site Scripting via the layoutstyle parameter in all versions up to and including 1.8.12. The root cause is insufficient input sanitization and output escaping, allowing unauthenticated a...

6.1CVSS5.9AI score0.00293EPSS
Exploits0References5
EUVD
EUVD
added yesterday5 views

EUVD-2026-40939

The VikBooking Hotel Booking Engine & PMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'layoutstyle' parameter in all versions up to, and including, 1.8.12 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

6.1CVSS5.9AI score0.00293EPSS
Exploits0References5
Rows per page
Query Builder