cleantalk
Vulnerabilities and Security Researches

Taxi Booking Manager for WooCommerce – WordPress plugin | Ecab, CVE-2026-28040

CVE, Research URL

CVE-2026-28040

Home page URL

Security reports for Taxi Booking Manager for WooCommerce – WordPress plugin | Ecab

Application

Taxi Booking Manager for WooCommerce – WordPress plugin | Ecab

Published on
Apr 23, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magepeople inc. Taxi Booking Manager for WooCommerce allows Stored XSS.This issue affects Taxi Booking Manager for WooCommerce: from n/a through 2.0.0.
Affected versions
max 2.0.1.
Status
vulnerable
Previous vulnerability researches
Taxi Booking Manager for WooCommerce – WordPress plugin | Ecab (CVE-2025-24661) , Feb 05, 2025
Taxi Booking Manager for WooCommerce – WordPress plugin | Ecab (CVE-2025-8898) , Aug 16, 2025
Taxi Booking Manager for WooCommerce – WordPress plugin | Ecab (CVE-2026-28040) , Apr 25, 2026
Taxi Booking Manager for WooCommerce – WordPress plugin | Ecab (CVE-2025-54713) , Aug 22, 2025
Taxi Booking Manager for WooCommerce – WordPress plugin | Ecab (CVE-2025-30839) , Apr 02, 2025
New vulnerability
Carousel, Slider, Gallery by WP Carousel – Image Carousel & Photo Gallery, Post Carousel & Post Grid, Product Car (CVE-2024-4002) , Apr 26, 2026
Court Reservation – Manage Your Court Bookings Online (CVE-2026-1508) , Apr 26, 2026
ITERAS (CVE-2026-4078) , Apr 26, 2026
WP-Recall – Registration, Profile, Commerce & More (CVE-2024-9770) , Apr 26, 2026
Bitly's WordPress Plugin (CVE-2025-58231) , Apr 26, 2026