CVE-2025-13135 | HotelRunner Booking Widget Plugin up to 5.2.4 on WordPress hotelrunner cross site scripting

A vulnerability identified as problematic has been detected in HotelRunner Booking Widget Plugin up to 5.2.4 on WordPress. This affects the function hotelrunner. This manipulation causes cross site scripting.

This vulnerability is handled as CVE-2025-13135. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More