CVE-2026-28040 - WordPress Taxi Booking Manager for WooCommerce plugin <= 2.0.0 - Cross Site Scripting (XSS) vulnerability
CVE ID :CVE-2026-28040 Published : April 23, 2026, 11 a.m. | 46 minutes ago Description :Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magepeople inc. Taxi Booking Manager for WooCommerce allows Stored XSS.This issue affects Taxi Booking
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Cosmetics giant Rituals discloses data breach affecting customers
- [CYBER] Over 300,000 Europeans' data on sale on dark web after December cyberattack on Eurail: Report
- [CYBER] Stuck in "Tutorial Hell": I know the theory of IDOR perfectly, but can't find anything in the wild. How do I bridge the gap?
- [CYBER] In my game you hack your company and can sell secrets for credits or keep them as leverage
- [CYBER] ServiceNow (NOW) Completes $7.75B Acquisition of Cyber Exposure Leader Armis
- [CYBER] Kelp DAO exploiter launders nearly all 75,700 in stolen ETH through THORchain