[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f9oGuOvnbpdJM4NYplsypdz9TPwSP0ZYoLMoQyxTC6yU":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2024-2749","vikbooking-hotel-booking-engine-pms-missing-authorization-2","VikBooking Hotel Booking Engine & PMS \u003C= 1.6.7 - Missing Authorization","The VikBooking Hotel Booking Engine & PMS plugin for WordPress is vulnerable to unauthorized access due to insufficient capability checking in all versions up to, and including, 1.6.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify categories and perform several unauthorized actions.","vikbooking",null,"\u003C=1.6.7","1.6.8","medium",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:N","Missing Authorization","2024-04-19 00:00:00","2024-05-16 13:34:11",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb08531b2-968e-4a00-ad7a-7abfe8cf0bd3?source=api-prod",28]