Lucene search
+L

4 matches found

NVD
NVD
added 2024/07/20 8:15 a.m.16 views

CVE-2024-38676

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Booking Ultra Pro allows Stored XSS.This issue affects Booking Ultra Pro: from n/a through 1.1.13...

6.5CVSS0.0032EPSS
Exploits0References1
CVE
CVE
added 2024/07/20 7:51 a.m.43 views

CVE-2024-38676

CVE-2024-38676 is a stored XSS vulnerability in Booking Ultra Pro (WordPress plugin) affecting Booking Ultra Pro versions up to 1.1.13. The connected Wordfence entry explicitly labels it as Authenticated (Contributor+) Stored Cross-Site Scripting and confirms the affected version range. The Initi...

6.5CVSS6.5AI score0.0032EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/20 7:51 a.m.12 views

CVE-2024-38676 WordPress Booking Ultra Pro Appointments Booking Calendar Plugin plugin <= 1.1.13 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Booking Ultra Pro allows Stored XSS.This issue affects Booking Ultra Pro: from n/a through 1.1.13...

6.5CVSS6.8AI score0.0032EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/07/10 12:0 a.m.7 views

WordPress Booking Ultra Pro Plugin <= 1.1.13 is vulnerable to Cross Site Scripting (XSS)

Software Booking Ultra Pro Type Plugin Vulnerable versions = 1.1.13 Fixed in 1.1.14 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-38676 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5502b7d4c80c Credits LVT-tholv2k Required privilege...

6.5CVSS6.6AI score0.0032EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder