CVE-2025-58991
The CVE-2025-58991 entry documents a CSRF vulnerability in the WooCommerce Booking Bundle Hours WordPress plugin that can lead to Stored XSS. Affected software: WooCommerce Booking Bundle Hours (versions up to 0.7.4). Root cause: cross-site request forgery enabling stored XSS payloads. Impact is ...