Ghostwire

CVE-2026-42762: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e4jvikwp...

HIGH CVSS 7.1

Published: May 27, 2026 | Last Modified: May 27, 2026

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS vikbooking allows DOM-Based XSS.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through <= 1.8.9.

Ghostwire Analysis — What This Means Practically

High CVSS score indicates significant risk — exploitation could lead to substantial data exposure or system compromise.

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

Security Coverage (1 articles)

References

patchstack.com/database/Wordpress/Plugin/vikbooking/vulnerability/wordpress-vikb