Magepeopleteam Bus Ticket Booking With Seat Reservation vulnerabilities
4 known vulnerabilities affecting magepeopleteam/bus_ticket_booking_with_seat_reservation.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2026-27095P2CRITICALCVSS 9.8≤ 5.6.02026-03-25
CVE-2026-27095 [CRITICAL] CWE-502 CVE-2026-27095: Deserialization of Untrusted Data vulnerability in magepeopleteam Bus Ticket Booking with Seat Reser
Deserialization of Untrusted Data vulnerability in magepeopleteam Bus Ticket Booking with Seat Reservation bus-ticket-booking-with-seat-reservation allows Object Injection.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through <= 5.6.0.
nvd
CVE-2023-4067P4MEDIUMCVSS 6.1≤ 5.2.32023-08-02
CVE-2023-4067 [MEDIUM] CWE-79 CVE-2023-4067: The Bus Ticket Booking with Seat Reservation plugin for WordPress is vulnerable to Reflected Cross-S
The Bus Ticket Booking with Seat Reservation plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab_date' and 'tab_date_r' parameters in versions up to, and including, 5.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages
nvd
CVE-2026-39572P4MEDIUMCVSS 4.3≤ 5.6.52026-04-08
CVE-2026-39572 [MEDIUM] CWE-497 CVE-2026-39572: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in magepeop
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in magepeopleteam Bus Ticket Booking with Seat Reservation bus-ticket-booking-with-seat-reservation allows Retrieve Embedded Sensitive Data.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through < 5.6.5.
nvd
CVE-2024-49294P4MEDIUMCVSS 4.3≤ 5.4.32025-01-07
CVE-2024-49294 [MEDIUM] CWE-352 CVE-2024-49294: Cross-Site Request Forgery (CSRF) vulnerability in magepeopleteam Bus Ticket Booking with Seat Reser
Cross-Site Request Forgery (CSRF) vulnerability in magepeopleteam Bus Ticket Booking with Seat Reservation bus-ticket-booking-with-seat-reservation allows Cross Site Request Forgery.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through <= 5.4.3.
nvd