Security Advisory

CVE-2024-2441

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-05-10 06:00:02

Last updated 2025-03-14 00:35:04

Assigner WPScan

State PUBLISHED

Description

The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.6.8 allows direct access to menus, allowing an authenticated user with subscriber privileges or above, to bypass authorization and access settings of the VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.6.8s they shouldnt be allowed to.

← Browse all CVEs View on cve.org ↗