CVE-2020-15536

Опубликовано: 05 июл. 2020

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

An issue was discovered in the bestsoftinc Hotel Booking System Pro plugin through 1.1 for WordPress. Persistent XSS can occur via any of the registration fields.

Ссылки

https://packetstormsecurity.com/files/157116/WordPress-Hotel-Booking-System-Pro-1.1-Cross-Site-Scripting.html
Exploit
Third Party Advisory
VDB Entry
https://wpvulndb.com/vulnerabilities/10171
Third Party Advisory
https://packetstormsecurity.com/files/157116/WordPress-Hotel-Booking-System-Pro-1.1-Cross-Site-Scripting.html
Exploit
Third Party Advisory
VDB Entry
https://wpvulndb.com/vulnerabilities/10171
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:online_hotel_booking_system_project:online_hotel_booking_system:*:*:*:*:pro:wordpress:*:*

Версия до 1.1 (включая)

EPSS

Процентиль: 41%

0.0019

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-4p3w-8vf4-q4w5

github

больше 3 лет назад