PT-2026-54890 · WordPress · Vikbooking Hotel Booking Engine & Pms

Published

2026-07-01

·

Updated

2026-07-01

·

CVE-2026-57723

CVSS v3.1

7.4

High

VectorAV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions VikBooking Hotel Booking Engine & PMS versions prior to 1.8.12
Description A Cross-Site Request Forgery (CSRF) flaw exists which allows Path Traversal. CSRF is a type of attack that tricks a victim into submitting a malicious request. Path Traversal is a vulnerability that allows an attacker to access files and directories that are stored outside the web root folder.
Recommendations Update to version 1.8.12 or later.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-57723

Affected Products

Vikbooking Hotel Booking Engine & Pms