2 matches found
CVE-2026-6910
The Bookero.pl – system rezerwacji online plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the bookeroproducts shortcode's hideproducts and filterproducts attributes in versions up to and including 2.2. This is due to insufficient input sanitization and output escaping in the...
CVE-2026-6910
Overview : CVE-2026-6910 affects the Bookero.pl online booking plugin for WordPress. Issue : Stored Cross-Site Scripting via the bookero_products shortcode attributes hide_products and filter_products in versions up to 2.2. The root cause is insufficient input sanitization and output escaping in ...