Townhub Security Vulnerabilities and Issues — Townhub CVE List

Lucene search

CththemesTownhub

4 matches found

CVE•added 2020/01/13 6:15 p.m.•86 views

CVE-2019-20210

The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Reflected XSS via a search query.

6.1CVSS5.9AI score0.00539EPSS

CVE•added 2020/01/13 6:15 p.m.•75 views

CVE-2019-20209

The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow nsecure Direct Object Reference (IDOR) via wp-admin/admin-ajax.php to delete any page/post/listing.

7.5CVSS7.4AI score0.00993EPSS

CVE•added 2020/01/13 6:15 p.m.•73 views

CVE-2019-20212

The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via the chat widget/page message form.

6.1CVSS5.9AI score0.00644EPSS

CVE•added 2020/01/13 6:15 p.m.•71 views

CVE-2019-20211

The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via Listing Address, Listing Latitude, Listing Longitude, Email Address, Description, Name, Job or Position, Description, Service Name, Address, Latitude, Longitude, Phone ...

6.1CVSS5.9AI score0.00756EPSS