Ilteris Kaan Pehlivan

1 exploit Active since Mar 2025
CVE-2024-9458 EXPLOITDB MEDIUM text WRITEUP
Reservit Hotel WordPress Plugin < 3.0 - Authenticated Stored Cross-Site Scripting in Settings
The Reservit Hotel WordPress plugin before 3.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
CVSS 4.8