CVE-2024-2101

The Salon booking system WordPress plugin before 9.6.3 does not properly sanitize and escape the 'Mobile Phone' field when booking an appointment, allowing customers to conduct Stored Cross-Site Scripting attacks. The payload gets triggered when an admin visits the 'Customers' page and the...

CVE-2024-2101

The Salon booking system WordPress plugin before 9.6.3 does not properly sanitize and escape the 'Mobile Phone' field when booking an appointment, allowing customers to conduct Stored Cross-Site Scripting attacks. The payload gets triggered when an admin visits the 'Customers' page and the...

CVE-2024-2102

The Salon booking system WordPress plugin before 9.6.3 does not properly sanitize and escape the 'Mobile Phone' field and 'smsprefix' parameter when booking an appointment, allowing customers to conduct Stored Cross-Site Scripting attacks. The payload gets triggered when an admin visits the...

CVE-2024-2101

The Salon booking system WordPress plugin before 9.6.3 does not properly sanitize and escape the 'Mobile Phone' field when booking an appointment, allowing customers to conduct Stored Cross-Site Scripting attacks. The payload gets triggered when an admin visits the 'Customers' page and the...

CVE-2024-2101

The CVE-2024-2101 in the Salon booking system WordPress plugin affects versions prior to 9.6.3. The issue is improper sanitization/escaping of the Mobile Phone field during appointment booking, enabling Stored Cross-Site Scripting (XSS) attacks that trigger when an admin visits the Customers page...

WordPress Plugin Salon booking system 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

WordPress Plugin Salon booking system 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

PT-2024-18824 · WordPress · Salon Booking System

Name of the Vulnerable Software and Affected Versions: The Salon booking system WordPress plugin versions prior to 9.6.3 Description: The issue arises from improper sanitization and escaping of the Mobile Phone field and sms prefix parameter when booking an appointment, allowing customers to...

PT-2024-18823 · WordPress · Salon Booking System

Name of the Vulnerable Software and Affected Versions: The Salon booking system WordPress plugin versions prior to 9.6.3 Description: The issue arises from improper sanitization and escaping of the Mobile Phone field when booking an appointment, allowing customers to conduct Stored Cross-Site...