CVE-2026-28040

Name of the Vulnerable Software and Affected Versions Taxi Booking Manager for WooCommerce versions n/a through 2.0.0

Description Improper neutralization of input during web page generation allows stored Cross-site Scripting (XSS), a flaw where malicious scripts are permanently stored on the target server and later executed in the browser of a user visiting the affected page.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.