📄 Reservit Hotel Cross Site Scripting

Reservit Hotel versions prior to 3.0 suffer from a persistent cross site scripting vulnerability. Exploit Title: Reservit Hotel Content 3. Add the following payload to the Button text French field sane save: " style=animation-name:rotation onanimationstart=alert/XSS/// 4. The XSS will trigger upo...

Reservit Hotel 2.1 - Stored Cross-Site Scripting (XSS)

Exploit Title: Reservit Hotel Content 3. Add the following payload to the Button text French field sane save: " style=animation-name:rotation onanimationstart=alert/XSS/// 4. The XSS will trigger upon saving and when any user will access the content dashboard again References:...

WordPress Reservit Hotel plugin < 3.0 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Ilteris Kaan Pehlivan in WordPress Plugin Reservit Hotel versions 3.0...

CVE-2024-9458

The Reservit Hotel WordPress plugin before 3.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-9458

The Reservit Hotel WordPress plugin before 3.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-9458 Reservit Hotel < 3.0 - Admin+ Stored XSS

The Reservit Hotel WordPress plugin before 3.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-9458

CVE-2024-9458 concerns the Reservit Hotel WordPress plugin, affected versions prior to 3.0. The root cause is failure to adequately sanitize and escape certain settings, which can permit stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed, including multisite...

CVE-2024-9458 Reservit Hotel < 3.0 - Admin+ Stored XSS

The Reservit Hotel WordPress plugin before 3.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress plugin Reservit Hotel 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-10080 · WordPress · Reservit Hotel Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Reservit Hotel WordPress plugin versions prior to 3.0 Description: The issue concerns the Reservit Hotel WordPress plugin, which does not properly sanitise and escape some of its settings. This could allow high-privilege users, such as...