CVE-2026-8143 | omnivo Booking Calendar Plugin up to 2.1.6 on WordPress cross site scripting

A vulnerability, which was classified as problematic, has been found in omnivo Booking Calendar Plugin up to 2.1.6 on WordPress. This affects an unknown part. Performing a manipulation of the argument hb_country_iso/hb_usa_state_iso/hb_canada_province_iso results in cross site scripting.

This vulnerability is identified as CVE-2026-8143. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More