Lucene search
K

8 matches found

NVD
NVD
added 2026/06/19 6:17 a.m.14 views

CVE-2026-1856

The Appointment Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom booking field labels in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00193EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/19 4:31 a.m.28 views

CVE-2026-1856 Appointment Booking Calendar <= 1.4.4 - Authenticated (Author+) Stored Cross-Site Scripting via Custom Booking Field Label

The Appointment Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom booking field labels in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00193EPSS
Exploits0References4
CVE
CVE
added 2026/05/02 11:16 a.m.14 views

CVE-2026-6320

The CVE concerns the Salon Booking System – Free Version WordPress plugin. Affected component: the booking flow and email attachment handling in versions up to and including 10.30.25. Root cause: attacker-controlled file-field values are stored and later treated as trusted paths for email attachm...

7.5CVSS5.9AI score0.00373EPSS
Exploits0References2
CNVD
CNVD
added 2023/07/12 12:0 a.m.3 views

Hostel Management System Cross-Site Scripting Vulnerability

Hostel Management System is a hostel management system. Hostel Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the search booking field, which can be exploited to execute arbitrary Web script...

6.1CVSS6.3AI score0.00532EPSS
Exploits1References1
OSV
OSV
added 2023/07/10 6:15 p.m.5 views

CVE-2023-36939

Cross-Site Scripting XSS vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the search booking field...

6.1CVSS6.1AI score0.00532EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/07/10 6:15 p.m.7 views

CVE-2023-36939

Cross-Site Scripting XSS vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the search booking field...

6.1CVSS6.8AI score0.00532EPSS
Exploits1References4
Prion
Prion
added 2023/07/10 6:15 p.m.18 views

Cross site scripting

Cross-Site Scripting XSS vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the search booking field...

5.8CVSS5.9AI score0.00532EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/07/10 12:0 a.m.20 views

CVE-2023-36939

Cross-Site Scripting XSS vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the search booking field...

6AI score0.00532EPSS
Exploits1References2
Rows per page
Query Builder