Vulnerability type: Cross Site Scripting (XSS)

Hello @wfrmitstaff
Could you please let us know the more details about it. We have tested yatra plugin in different environment with different types of security testing but unable to find these kind of security vulnerability. It would be great if you can share more details about it, So that we can fix ( if there is any issue ) and release the update.

Good morning,
I think that to give you a complete answer you can check from Patchstack, I am sending you the link with all the information you asked for:

https://patchstack.com/database/vulnerability/yatra/wordpress-best-travel-booking-wordpress-plugin-tour-booking-system-trip-booking-wordpress-plugin-yatra-plugin-2-1-13- cross-site-scripting-xss?_s_id=cve

Correct link:

https://patchstack.com/database/vulnerability/yatra/wordpress-best-travel-booking-wordpress-plugin-tour-booking-system-trip-booking-wordpress-plugin-yatra-plugin-2-1-13-cross-site-scripting-xss?_s_id=cve

• This reply was modified 1 year, 6 months ago by WFRM IT Staff.

Hello @wfrmitstaff , This issue has been fixed in latest version of the Yatra plugin 2.1.15