4 matches found
CVE-2024-10177
creationtimestamp| type| source ---|---|--- 2024-11-21 02:37:48+00:00| seen| https://infosec.exchange/users/cve/statuses/113518619354920860...
CVE-2024-10177 Beds24 Online Booking <= 2.0.27 - Authenticated (Contributor+) Stored Cross-Site Scripting via beds24-link Shortcode
The Beds24 Online Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's beds24-link shortcode in all versions up to, and including, 2.0.27 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-10177 Beds24 Online Booking <= 2.0.27 - Authenticated (Contributor+) Stored Cross-Site Scripting via beds24-link Shortcode
The Beds24 Online Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's beds24-link shortcode in all versions up to, and including, 2.0.27 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-10177
CVE-2024-10177 affects Beds24 Online Booking plugin for WordPress. The vulnerability is a Stored Cross-Site Scripting (XSS) via the beds24-link shortcode, caused by insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires authentication at contributor...