CVE-2026-28040

· NIST NVD ↗

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magepeople inc. Taxi Booking Manager for WooCommerce allows Stored XSS.This issue affects Taxi Booking Manager for WooCommerce: from n/a through 2.0.0.

MEDIUM
CVSS severity
6.5
CVSS base score
2026-04-23
Published

CWE codes

CWE-79

Sources