2 matches found
CVE-2018-5670
An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php saleconditionscount parameter...
CVE-2018-5670
CVE-2018-5670 affects the WordPress booking-calendar plugin up to version 2.1.7. The issue is an XSS in wp-admin/admin.php via the sale_conditions[count][] parameter, as reported across sources (NVD, CNVD, CVE listings). Some records describe this as an authenticated stored XSS with CSRF (WPVulnd...