0.001 Low
EPSS
Percentile
32.7%
The Ultimate Appointment Booking & Scheduling WordPress plugin, versions 1.1.9 and older, were vulnerable to Authenticated Cross-Site Scripting (XSS) within multiple parameters.
http://www.example.com/wp-admin/admin.php?page=EWD-UASP-options&Action;=EWD_UASP_AppointmentDetails&Selected;=Appointment&Appointment;_ID=1">
plugins.trac.wordpress.org/changeset/2327552/ultimate-appointment-scheduling
zeroaptitude.com/zerodetail/wordpress-plugin-bug-hunting-part-1/