CVE-2024-35297 | Vulnerability Database

NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-35297
CWE	https://cwe.mitre.org/data/definitions/.html

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-35297

CWE

https://cwe.mitre.org/data/definitions/.html

Cross-site scripting vulnerability exists in WP Booking versions prior to 2.4.5. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing the web site using the product.

References

https://jvn.jp/en/jp/JVN35838128/
https://plugins.trac.wordpress.org/changeset?new=3084990%40wp-easy-booking%2Ftrunk%2Fview%2Ffrontend%2Fbooking-locations.php\u0026old=2404687%40wp-easy-booking%2Ftrunk%2Fview%2Ffrontend%2Fbooking-locations.php
https://wordpress.org/plugins/wp-easy-booking/