3 matches found
CVE-2023-2705 Appointment booking addon for Gravity Forms < 1.10.0 - Reflected Cross-Site Scripting
The gAppointments WordPress plugin before 1.10.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against admin...
CVE-2023-2705 Appointment booking addon for Gravity Forms < 1.10.0 - Reflected Cross-Site Scripting
The gAppointments WordPress plugin before 1.10.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against admin...
CVE-2023-2705
CVE-2023-2705 affects the gAppointments WordPress plugin prior to version 1.10.0. The vulnerability is a Reflected Cross-Site Scripting caused by insufficient sanitisation/escaping of a parameter before it is output on the page, potentially exploitable against admin users. The risk is described i...