EPSS
Percentile
20.8%
Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability was discovered by Ngo Van Thien (Patchstack Alliance) in the WordPress Booking Ultra Pro plugin (versions <= 1.1.4).
No patched version is available.