Lucene search
MitreCVELIST:CVE-2020-9371HistoryMar 04, 2020 - 6:11 p.m.
CVE-2020-9371
2020-03-0418:11:35
mitre
www.cve.org
Stored XSS exists in the Appointment Booking Calendar plugin before 1.3.35 for WordPress. In the cpabc_appointments.php file, the Calendar Name input could allow attackers to inject arbitrary JavaScript or HTML.
References
packetstormsecurity.com/files/156694/WordPress-Appointment-Booking-Calendar-1.3.34-CSV-Injection.html
drive.google.com/open?id=1NNcYPaJir9SleyVr4cSPqpI2LNM7rtx9
wordpress.org/plugins/appointment-booking-calendar/#developers
wpvulndb.com/vulnerabilities/10110
www.hotdreamweaver.com/support/view.php?id=815925
Related
cve
cve
CVE-2020-9371
2020-03-04 19:15:13
patchstack
patchstack
prion
prion
Cross site scripting
2020-03-04 19:15:00
nvd
nvd
CVE-2020-9371
2020-03-04 19:15:13
attackerkb
attackerkb
CVE-2020-9371
2020-03-04 00:00:00
wpvulndb
wpvulndb
exploitpack
exploitpack
Wordpress Plugin Appointment Booking Calendar 1.3.34 - CSV Injection
2020-03-12 00:00:00
packetstorm
packetstorm
WordPress Appointment Booking Calendar 1.3.34 CSV Injection
2020-03-12 00:00:00
exploitdb
exploitdb
WordPress Plugin Appointment Booking Calendar 1.3.34 - CSV Injection
2020-03-12 00:00:00