WordPress Easy Booking Plugin <= 1.0.3 - XSS

2014-06-2300:00:00

Prajal Kulkarni

patchstack.com

0.001 Low

EPSS

Percentile

49.8%

Because of this vulnerability in admin/editFacility.php, the attackers can inject arbitrary web script or HTML.

Solution

           Update the plugin.

CPENameOperatorVersion
easy bookingle1.0.3

CPE	Name	Operator	Version
	easy booking	le	1.0.3

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4584

0.001 Low

EPSS

Percentile

49.8%

Related for PATCHSTACK:BE256269AD8418D55C55B1A331A3DE1B