Cross-site Scripting Vulnerability in Deetronix Booking Ultra Pro
CVE-2025-30637
5.9MEDIUM
What is CVE-2025-30637?
The Deetronix Booking Ultra Pro plugin is susceptible to a Stored XSS vulnerability due to improper input neutralization during web page generation. This security flaw allows an attacker to inject malicious scripts into web pages viewed by users, potentially leading to data theft or user account compromise. The issue affects versions of Booking Ultra Pro up to 1.1.20, underscoring the importance of immediate attention to this vulnerability for current installations.
Affected Version(s)
Booking Ultra Pro <= 1.1.20