Lucene search

K
prionPRIOn knowledge basePRION:CVE-2021-24645
HistoryNov 08, 2021 - 6:15 p.m.

Cross site scripting

2021-11-0818:15:00
PRIOn knowledge base
www.prio-n.com
3

0.001 Low

EPSS

Percentile

24.8%

The Booking.com Product Helper WordPress plugin before 1.0.2 does not sanitize and escape Product Code when creating Product Shortcode, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

CPENameOperatorVersion
booking.com_product_helperlt1.0.2

0.001 Low

EPSS

Percentile

24.8%