Cross-site scripting vulnerability in Appointment and Event Booking Calendar for WordPress - Amelia versions prior to 1.0.76 allows a remote unauthenticated attacker to inject an arbitrary script by having a user who is logging in the WordPress where the product is installed visit a malicious URL.
6.1CVSS
6.2AI Score
0.002EPSS
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in TMS Booking for Appointments and Events Calendar β Amelia plugin <= 1.0.75 versions.
7.1CVSS
6AI Score
0.0005EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TMS Booking for Appointments and Events Calendar β Amelia allows Stored XSS.This issue affects Booking for Appointments and Events Calendar β Amelia: from n/a through 1.0.85.
6.5CVSS
5.8AI Score
0.0004EPSS