A vulnerability was found in Themefic Hydra Booking Plugin up to 1.1.41 on WordPress. It has been classified as critical . This issue affects some unknown processing. Performing a manipulation results in missing authorization. This vulnerability is identified as CVE-2026-42675 . The attack can be initiated remotely. There is not any exploit available.