Unrated severityNVD Advisory· Published Sep 30, 2022· Updated Apr 28, 2026
WordPress Booking Ultra Pro plugin <= 1.1.4 - Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability
CVE-2021-36855
Description
Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability in Booking Ultra Pro plugin <= 1.1.4 at WordPress.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=1.1.4
- Booking Ultra Pro/Booking Ultra Pro (WordPress plugin)v5Range: <= 1.1.4
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.