5 matches found
CVE-2023-35048
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in MagePeople Team Booking and Rental Manager for Bike plugin = 1.2.1 versions...
CVE-2023-35048
creationtimestamp| type| source ---|---|--- 2023-06-23 16:46:51+00:00| seen| https://t.me/cibsecurity/65459...
CVE-2023-35048
CVE-2023-35048 affects the WordPress plugin “Booking and Rental Manager for Bike” (also listed as MagePeople Booking and Rental Manager for Woo/Car/etc.) at versions ≤ 1.2.1. The root cause is improper input sanitization/escaping of plugin settings, enabling an authenticated (admin+) Stored Cross...
CVE-2023-35048 WordPress Booking and Rental Manager Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in MagePeople Team Booking and Rental Manager for Bike plugin = 1.2.1 versions...
WordPress Booking and Rental Manager Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)
Software Booking and Rental Manager Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-35048 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 73d697a7ce84 Credits NeginNrb...