4 matches found
CVE-2025-49314 WordPress BRW <= 1.8.6 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ovatheme BRW allows Stored XSS. This issue affects BRW: from n/a through 1.8.6...
CVE-2025-49314
CVE-2025-49314 is an authenticated stored XSS vulnerability in BRW (Booking Rental Plugin for WordPress/WooCommerce) where improper neutralization of input during web page generation allowed stored script execution. Affected versions are BRW up to 1.8.6; the issue has been patched in 1.8.6 (BRW
CVE-2025-49314 WordPress BRW plugin <= 1.8.6 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ovatheme BRW ova-brw allows Stored XSS.This issue affects BRW: from n/a through = 1.8.6...
WordPress BRW plugin <= 1.8.6 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin BRW versions = 1.8.6...