CVE-2025-69056

Name of the Vulnerable Software and Affected Versions e-plugins Hotel Listing versions through 1.4.0

Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Reflected Cross-Site Scripting (XSS) condition. This allows an attacker to inject malicious scripts into a website, which can then be executed in the context of a user's browser. The vulnerability exists in the Hotel Listing plugin. The affected API endpoint is not specified. The vulnerable parameter is not specified. The vulnerable function is not specified.

Recommendations Update e-plugins Hotel Listing to a version later than 1.4.0.