cleantalk
Vulnerabilities and Security Researches

WP Booking, CVE-2024-35297

CVE, Research URL

CVE-2024-35297

Home page URL

Security reports for WP Booking

Application

WP Booking

Published on
May 27, 2024
Research Description
Cross-site scripting vulnerability exists in WP Booking versions prior to 2.4.5. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing the web site using the product.
Affected versions
Min -, max 2.4.5.
Status
vulnerable
Previous vulnerability researches
WP Booking (CVE-2024-35297) , Jun 07, 2024
New vulnerability
Formality (CVE-2025-3858) , May 20, 2025
PowerPress Podcasting plugin by Blubrry (CVE-2024-9227) , May 19, 2025
Free Booking Plugin for Hotels, Restaurant and Car Rental – eaSYNC (CVE-2024-9450) , May 19, 2025
PWA for WP & AMP (CVE-2024-7759) , May 19, 2025
Badgearoo (CVE-2025-1033) , May 19, 2025