6 matches found
CVE-2026-1607
The Surbma | Booking.com Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's surbma-bookingcom shortcode in all versions up to, and including, 2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...
WordPress Surbma | Recent Comments Shortcode plugin <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by muhammad yudha in WordPress Plugin Surbma | Recent Comments Shortcode versions = 2.0...
CVE-2025-22808 WordPress Surbma | Premium WP plugin <= 9.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Surbma Surbma | Premium WP surbma-premium-wp allows DOM-Based XSS.This issue affects Surbma | Premium WP: from n/a through = 9.0...
WordPress Surbma | Premium WP plugin <= 9.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Surbma | Premium WP versions = 9.0...
CVE-2023-23894
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Surbma Surbma | GDPR Proof Cookie Consent & Notice Bar plugin = 17.5.3 versions...
PT-2023-19287 · WordPress · Surbma Surbma | Gdpr Proof Cookie Consent & Notice Bar
Name of the Vulnerable Software and Affected Versions: Surbma Surbma | GDPR Proof Cookie Consent & Notice Bar plugin versions = 17.5.3 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that affects the Surbma Surbma | GDPR Proof Cookie Consent & Notice Bar plugi...