exploitDog

GHSA-j6vq-hjmf-4p85

Опубликовано: 16 окт. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

The Booking Calendar WordPress plugin before 9.7.3.1 does not sanitize and escape some of its booking from data, allowing unauthenticated users to perform Stored Cross-Site Scripting attacks against administrators

The Booking Calendar WordPress plugin before 9.7.3.1 does not sanitize and escape some of its booking from data, allowing unauthenticated users to perform Stored Cross-Site Scripting attacks against administrators

Ссылки

EPSS

Процентиль: 78%

0.01105

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-4620

CVSS3: 6.1

nvd

больше 2 лет назад

The Booking Calendar WordPress plugin before 9.7.3.1 does not sanitize and escape some of its booking from data, allowing unauthenticated users to perform Stored Cross-Site Scripting attacks against administrators

EPSS

Процентиль: 78%

0.01105

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79