Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2021-99636
HistoryNov 10, 2021 - 12:00 a.m.

WordPress Booking.com Product Helper Plugin Cross-Site Scripting Vulnerability

2021-11-1000:00:00
China National Vulnerability Database
www.cnvd.org.cn
7

0.001 Low

EPSS

Percentile

24.8%

WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the WordPress Booking.com Product Helper plugin in versions 1.0.1 and earlier, which stems from the plugin’s lack of Data validation filtering. Lack of data validation filtering of user-supplied data and output. No detailed vulnerability details are available at this time.

0.001 Low

EPSS

Percentile

24.8%