HIGH
Themefic
CVE published 2026-06-01
CVE-2026-42675
A missing authorization vulnerability in the Themefic Hydra Booking WordPress plugin allows exploitation of incorrectly configured access control security levels. The vulnerability affects versions from n/a through 1.1.41 and has been assigned a CVSS 3.1 score of 7.3 (HIGH). The issue is categorized as CWE-862 (Missing Authorization), indicating that functionality or data accessible to users is not proper [truncated]