2 matches found
CVE-2023-2298
The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'businessid' parameter in versions up to, and including, 4.3.0 due to insufficient input sanitization and output escaping. This makes it possible for...
PT-2024-23094 · Unknown · Sentrifugo
Name of the Vulnerable Software and Affected Versions: Sentrifugo version 3.2 Description: The issue is related to a SQL injection vulnerability. It could allow a remote user to send a specially crafted query to the server and extract all the data from it. The vulnerability is exploited through t...