Vulnerabilities and security researches forbus-ticket-booking-with-seat-reservation bus-ticket-booking-with-seat-reservation

Jun 06, 2024

CVE, Research URL: CVE-2023-4067
Home page URL: Security reports for Bus Ticket Booking with Seat Reservation – WpBusTicketly | WordPress plugin
Application: Bus Ticket Booking with Seat Reservation – WpBusTicketly | WordPress plugin
Date: Aug 02, 2023
Research Description: The Bus Ticket Booking with Seat Reservation plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab_date' and 'tab_date_r' parameters in versions up to, and including, 5.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Affected versions: max 5.2.4.
Status: vulnerable

CVE, Research URL: CVE-2023-30496
Home page URL: Security reports for Bus Ticket Booking with Seat Reservation – WpBusTicketly | WordPress plugin
Application: Bus Ticket Booking with Seat Reservation – WpBusTicketly | WordPress plugin
Date: Nov 23, 2023
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MagePeople Team WpBusTicketly plugin <= 5.2.5 versions.
Affected versions: max 5.2.6.
Status: vulnerable

Sep 01, 2024

CVE, Research URL: CVE-2024-43985
Home page URL: Security reports for Bus Ticket Booking with Seat Reservation – WpBusTicketly | WordPress plugin
Application: Bus Ticket Booking with Seat Reservation – WpBusTicketly | WordPress plugin
Date: Sep 18, 2024
Research Description: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MagePeople Team Bus Ticket Booking with Seat Reservation allows Stored XSS.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through 5.3.5.
Affected versions: max 5.3.6.
Status: vulnerable

Jan 09, 2025

CVE, Research URL: CVE-2024-49294
Home page URL: Security reports for Bus Ticket Booking with Seat Reservation – WpBusTicketly | WordPress plugin
Application: Bus Ticket Booking with Seat Reservation – WpBusTicketly | WordPress plugin
Date: Jan 07, 2025
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in MagePeople Team Bus Ticket Booking with Seat Reservation allows Cross Site Request Forgery.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through 5.4.3.
Affected versions: max 5.4.4.
Status: vulnerable

Mar 30, 2026

CVE, Research URL: CVE-2026-27095
Home page URL: Security reports for Bus Ticket Booking with Seat Reservation – WpBusTicketly | WordPress plugin
Application: Bus Ticket Booking with Seat Reservation – WpBusTicketly | WordPress plugin
Date: Mar 25, 2026
Research Description: Deserialization of Untrusted Data vulnerability in magepeopleteam Bus Ticket Booking with Seat Reservation bus-ticket-booking-with-seat-reservation allows Object Injection.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through <= 5.6.0.
Affected versions: max 5.6.0.
Status: vulnerable