Booking calendar, Appointment Booking System, CVE-2026-25435

CVE, Research URL: CVE-2026-25435
Home page URL: Security reports for Booking calendar, Appointment Booking System
Application: Booking calendar, Appointment Booking System
Published on: Mar 25, 2026
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevart Booking calendar, Appointment Booking System booking-calendar allows Stored XSS.This issue affects Booking calendar, Appointment Booking System: from n/a through <= 3.2.36.
Affected versions: max 3.2.36.
Status: vulnerable