CVE-2026-42737 | e4jvikwp VikBooking Hotel Booking Engine & PMS Plugin up to 1.8.9 on WordPress path traversal

May 27, 2026 Yanac

A vulnerability labeled as critical has been found in e4jvikwp VikBooking Hotel Booking Engine & PMS Plugin up to 1.8.9 on WordPress. This impacts an unknown function. The manipulation results in path traversal.

This vulnerability is reported as CVE-2026-42737. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More

CVE-2026-2280 | larsdrasmussen rexCrawler Plugin up to 1.0.15 on WordPress Setting cross site scripting
CVE-2026-42727 | RealMag777 Active Products Tables for WooCommerce Plugin up to 1.0.8 on WordPress sql injection