2 matches found
CVE-2021-36847
The CVE pertains to an Authenticated Stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Webba Booking (WebbaPlugins) versions
CVE-2024-8432
CVE-2024-8432 applies to the Appointment & Event Booking Calendar Plugin – Webba Booking for WordPress. Vulnerability: missing capability check in save_appearance() allows authenticated users with Subscriber level access and above to modify the booking form CSS, affecting all versions up to 5.0.4...