The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not sanitise and escape some of the reservation user inputs, allowing unauthenticated attackers to perform Cross-Site Scripting attacks logged in admin viewing the malicious reservation made
CPE | Name | Operator | Version |
---|---|---|---|
ketchup_restaurant_reservations | le | 1.0.0 |