CVE-2023-4620

creationtimestamp| type| source ---|---|--- 2025-05-02 18:19:52+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14555...

WordPress Booking Calendar Plugin <= 9.7.3 is vulnerable to Cross Site Scripting (XSS)

Software Booking Calendar Type Plugin Vulnerable versions = 9.7.3 Fixed in 9.7.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4620 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d1f5ad35a7a1 Credits Pablo Sanchez...

CVE-2023-4620

The Booking Calendar WordPress plugin before 9.7.3.1 does not sanitize and escape some of its booking from data, allowing unauthenticated users to perform Stored Cross-Site Scripting attacks against administrators...

CVE-2023-4620 Booking Calendar < 9.7.3.1 - Unauthenticated Stored XSS

The Booking Calendar WordPress plugin before 9.7.3.1 does not sanitize and escape some of its booking from data, allowing unauthenticated users to perform Stored Cross-Site Scripting attacks against administrators...

CVE-2023-4620 Booking Calendar < 9.7.3.1 - Unauthenticated Stored XSS

The Booking Calendar WordPress plugin before 9.7.3.1 does not sanitize and escape some of its booking from data, allowing unauthenticated users to perform Stored Cross-Site Scripting attacks against administrators...

CVE-2023-4620

The Book­ing Calendar WordPress plugin is affected by CVE-2023-4620: prior to version 9.7.3.1, it does not sanitize/escape certain booking form data, enabling unauthenticated Stored XSS against administrators. The issue is mitigated by upgrading to version 9.7.3.1 or later (patch release). Other ...