Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistJpcertCVELIST:CVE-2023-27918
HistoryMay 10, 2023 - 12:00 a.m.

CVE-2023-27918

2023-05-1000:00:00
jpcert
www.cve.org
1
cve-2023-27918
cross-site scripting
appointment and event booking calendar
wordpress
remote unauthenticated attacker
arbitrary script
malicious url

0.002 Low

EPSS

Percentile

57.6%

JSON

Cross-site scripting vulnerability in Appointment and Event Booking Calendar for WordPress - Amelia versions prior to 1.0.76 allows a remote unauthenticated attacker to inject an arbitrary script by having a user who is logging in the WordPress where the product is installed visit a malicious URL.

CNA Affected

[
  {
    "vendor": "TMS",
    "product": "Appointment and Event Booking Calendar for WordPress - Amelia",
    "versions": [
      {
        "version": "versions prior to 1.0.76",
        "status": "affected"
      }
    ]
  }
]

Related

cve 1
nvd 1
prion 1
jvn 1
wpvulndb 1
cve
cve
CVE-2023-27918
2023-05-10 06:15:14
nvd
nvd
CVE-2023-27918
2023-05-10 06:15:14
prion
prion
Cross site scripting
2023-05-10 06:15:00
jvn
jvn
JVN#00971105: WordPress Plugin "Appointment and Event Booking Calendar for WordPress - Amelia" vulnerable to cross-site scripting
2023-04-24 00:00:00
wpvulndb
wpvulndb
Appointment and Event Booking Calendar for WordPress < 1.0.76 - Reflected XSS
2023-04-06 00:00:00

0.002 Low

EPSS

Percentile

57.6%

JSON
Related for CVELIST:CVE-2023-27918
cve1nvd1prion1jvn1wpvulndb1