CVE-2026-12754 | e4jvikwp VikBooking Hotel Booking Engine & PMS Plugin up to 1.8.12 on WordPress Shortcode layoutstyle cross site scripting
A vulnerability identified as problematic has been detected in e4jvikwp VikBooking Hotel Booking Engine & PMS Plugin up to 1.8.12 on WordPress. This issue affects some unknown processing of the component Shortcode Handler. Performing a manipulation of the argument layoutstyle results in cross site scripting.
This vulnerability is cataloged as CVE-2026-12754. It is possible to initiate the attack remotely. There is no exploit available.
You should upgrade the affected component.VulDB Recent EntriesRead More