4 matches found
CVE-2024-1484
The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the date parameters in all versions up to, and including, 1.0.98 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticate...
CVE-2024-1484
The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the date parameters in all versions up to, and including, 1.0.98 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticate...
CVE-2024-1484
CVE-2024-1484 — Amelia plugin for WordPress (Booking for Appointments and Events Calendar) Vulnerability type: Reflected Cross-Site Scripting (XSS) via date parameters in the plugin’s input handling. Root cause: Insufficient input sanitization and output escaping allows injection of arbitrary web...
WordPress Amelia Plugin <= 1.0.98 is vulnerable to Cross Site Scripting (XSS)
Software Amelia Type Plugin Vulnerable versions = 1.0.98 Fixed in 1.0.99 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1484 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 28e85735d453 Credits Muhammad Hassham Nagori...