Awaiting Analysis
CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Products
VikBooking Hotel Booking Engine & PMS WordPress plugin
- before 1.6.8
Source
contact@wpscan.com
Tags
CVE-2024-2441 details
Published : May 14, 2024, 3:19 p.m.
Last Modified : May 14, 2024, 4:13 p.m.
Last Modified : May 14, 2024, 4:13 p.m.
Description
The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.6.8 allows direct access to menus, allowing an authenticated user with subscriber privileges or above, to bypass authorization and access settings of the VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.6.8's they shouldn't be allowed to.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|
References
| URL | Source |
|---|---|
| https://wpscan.com/vulnerability/9647e273-5724-4a02-868d-9b79f4bb2b79/ | contact@wpscan.com |
This website uses the NVD API, but is not approved or certified by it.