3 matches found
CVE-2024-8663
The WP Simple Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 2.0.10. This makes it possible for unauthenticated attackers to inject...
CVE-2024-8663 WP Simple Booking Calendar <= 2.0.10 - Reflected Cross-Site Scripting
The WP Simple Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 2.0.10. This makes it possible for unauthenticated attackers to inject...
CVE-2024-8663 WP Simple Booking Calendar <= 2.0.10 - Reflected Cross-Site Scripting
The WP Simple Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 2.0.10. This makes it possible for unauthenticated attackers to inject...