3 matches found
CVE-2024-13508
creationtimestamp| type| source ---|---|--- 2025-02-19 00:15:51+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3liiiojakeh2g 2025-02-19 03:41:40+00:00| seen| https://t.me/cvedetector/18398 2025-02-19 04:01:39+00:00| seen|...
CVE-2024-13508 Booking Package <= 1.6.72 - Reflected Cross-Site Scripting via Locale Parameter
The Booking Package plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the locale parameter in all versions up to, and including, 1.6.72 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
CVE-2024-13508 Booking Package <= 1.6.72 - Reflected Cross-Site Scripting via Locale Parameter
The Booking Package plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the locale parameter in all versions up to, and including, 1.6.72 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...