CVE-2025-4669 | WP Booking Calendar Plugin up to 10.11.1 on WordPress Shortcode wpbc cross site scripting

Inserito da Angelo Barbosa | Mag 17, 2025 | CVE

A vulnerability classified as problematic has been found in WP Booking Calendar Plugin up to 10.11.1 on WordPress. This affects the function wpbc of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-4669. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-4669 | WP Booking Calendar Plugin up to 10.11.1 on WordPress Shortcode wpbc cross site scripting

Post correlati

CVE-2024-39925 | Vaultwarden 1.30.3 improper authentication

CVE-2024-22723 | Webtrees 2.1.18 media/ media_folder path traversal

CVE-2025-4456 | Project Worlds Car Rental Project 1.0 /signup.php fname sql injection

CVE-2024-3698 | Campcodes House Rental Management System 1.0 manage_payment.php id sql injection