CVE-2026-32540 WordPress Bookly plugin <= 26.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bookly Bookly bookly-responsive-appointment-booking-tool allows Reflected XSS.This issue affects Bookly: from n/a through = 26.7...

PT-2026-28054

Name of the Vulnerable Software and Affected Versions Bookly versions through 26.7 Description The Bookly bookly-responsive-appointment-booking-tool contains a flaw due to improper neutralization of input during web page generation, which allows for Reflected Cross-site Scripting XSS. This issue...