3 matches found
EUVD-2021-11842
Malware in sbrugna...
CVE-2021-24930
The WordPress Online Booking and Scheduling Plugin WordPress plugin before 20.3.1 does not escape the Staff Full Name field before outputting it back in a page, which could lead to a Stored Cross-Site Scripting issue...
PT-2021-16372 · WordPress · Wordpress Online Booking/Scheduling Plugin
Name of the Vulnerable Software and Affected Versions: The WordPress Online Booking and Scheduling Plugin version 20.3.0 and earlier Description: The issue is related to a Stored Cross-Site Scripting problem. It occurs because the Staff Full Name field is not properly escaped before being outputt...