CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49294 – WordPress WpBusTicketly plugin <= 5.4.3 - Cross Site Request Forgery (CSRF) vulnerability
https://notcve.org/view.php?id=CVE-2024-49294
06 Jan 2025 — Cross-Site Request Forgery (CSRF) vulnerability in MagePeople Team Bus Ticket Booking with Seat Reservation allows Cross Site Request Forgery.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through 5.4.3. La vulnerabilidad de Cross-Site Request Forgery (CSRF) en MagePeople Team Bus Ticket Booking con Seat Reservation permite Cross Site Request Forgery. Este problema afecta a la reserva de boletos de autobús con reserva de asiento: desde n/a hasta 5.4.3. The Bus Ticket Booking with Seat... • https://patchstack.com/database/wordpress/plugin/bus-ticket-booking-with-seat-reservation/vulnerability/wordpress-wpbusticketly-plugin-5-4-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43985 – WordPress Bus Ticket Booking with Seat Reservation plugin <= 5.3.5 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-43985
28 Aug 2024 — Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MagePeople Team Bus Ticket Booking with Seat Reservation allows Stored XSS.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through 5.3.5. The Bus Ticket Booking with Seat Reservation plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 5.3.5 due to insufficient input sanitization and output escaping. This makes it possible for authe... • https://patchstack.com/database/vulnerability/bus-ticket-booking-with-seat-reservation/wordpress-bus-ticket-booking-with-seat-reservation-plugin-5-3-5-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30496 – WordPress Bus Ticket Booking with Seat Reservation Plugin <= 5.2.5 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-30496
13 Nov 2023 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MagePeople Team WpBusTicketly plugin <= 5.2.5 versions. Vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web ('cross-site Scripting') en el complemento MagePeople Team WpBusTicketly en versiones <= 5.2.5. The Bus Ticket Booking with Seat Reservation – WpBusTicketly | WordPress plugin plugin for WordPress is vulnerable to Cross-Site Scripting in all versions up to... • https://patchstack.com/database/vulnerability/bus-ticket-booking-with-seat-reservation/wordpress-bus-ticket-booking-with-seat-reservation-plugin-5-2-5-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4067 – Bus Ticket Booking with Seat Reservation <= 5.2.3 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2023-4067
01 Aug 2023 — The Bus Ticket Booking with Seat Reservation plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab_date' and 'tab_date_r' parameters in versions up to, and including, 5.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2945247%40bus-ticket-booking-with-seat-reservation&new=2945247%40bus-ticket-booking-with-seat-reservation&sfp_email=&sfph_mail= • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •