CVE-2023-24402

Name of the Vulnerable Software and Affected Versions Veribo, Roland Murg WP Booking System – Booking Calendar plugin versions <= 2.0.18

Description The issue is related to an Authenticated (admin+) Cross-Site Scripting (XSS) vulnerability. This means that an attacker who has administrative access to the system can inject malicious scripts into the website, potentially leading to unauthorized actions.

Recommendations For versions <= 2.0.18, update to a version higher than 2.0.18 to resolve the issue. As a temporary workaround, consider restricting access to administrative functions to minimize the risk of exploitation.