WordPress Booking Ultra Pro Plugin <1.1.4 - Cross-Site Scripting (XSS) vulnerability
The WordPress Booking Ultra Pro Plugin (v1.1.4 or earlier) has an unfixed high-severity XSS vulnerability, allowing malicious script injection. Other known vulnerabilities include CSRF issues.