Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability in Booking Ultra Pro plugin <= 1.1.4 at WordPress.CreditsVulnerability discovered by Ngo Van Thien (Patchstack Alliance)Referenceshttps://wordpress.org/plugins/booking-ultra-pro/https://patchstack.com/database/vulnerability/booking-ultra-pro/wordpress-booking-ultra-pro-plugin-1-1-4-cross-site-scripting-xss-via-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
