CVE-2025-24723

Description

Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability in codepeople Booking Calendar Contact Form booking-calendar-contact-form allows Stored XSS.This issue affects Booking Calendar Contact Form: from n/a through <= 1.2.55.