Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as Editor to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
1. Go to “Salon > Services > Add New Service” 2. For the service name, enter: >alert(document.cookie)
and save 3. Go to “Assistants” and edit an assistant 4. Click on “Limit reservations to the following services” to see the XSS
CPE | Name | Operator | Version |
---|---|---|---|
eq | 9.6.6 |