My Reservation System <= 2.3 – Reflected XSS | CVE 2025-7022 | Plugin Vulnerabilities

Description

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.

Proof of Concept

The following URL demonstrates the vulnerability. When accessed by a victim, the Base64-encoded payload within the val parameter will be decoded and executed, resulting in an alert box displaying "testn4".

http://example.com/wp-content/plugins/my-reservation-system/preview.php?val=PHNjcmlwdD5hbGVydCgidGVzdG40Iik8L3NjcmlwdD4=

Affects Plugins

my-reservation-system

No known fix

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Matías Schiappacasse & Lukas Gaete

Verified

Yes

WPVDB ID

c1021763-075b-40c7-801d-b5519828aabe

Timeline

Publicly Published

2025-07-04 (about 6 months ago)

Added

2025-07-04 (about 6 months ago)

Last Updated

2025-07-04 (about 6 months ago)

Other

Published

Title

Published

2025-07-16

Title

Multimedia Playlist Slider Addon for WPBakery Page Builder <= 2.1 - Reflected Cross-Site Scripting

Published

2018-11-14

Title

Master Slider < 3.7.1 - Authenticated Stored Cross-Site Scripting (XSS)

Published

2025-07-08

Title

Shortcode Generator <= 1.1 - Reflected Cross-Site Scripting

Published

2023-01-20

Title

Responsive Vertical Icon Menu < 1.5.9 - Admin+ Stored XSS

Published

2023-07-12

Title

Variation Swatches for WooCommerce < 2.3.8 - Reflected Cross-Site Scripting