Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2021-24930

Disclosure Date: December 06, 2021 (last updated February 23, 2025)
The WordPress Online Booking and Scheduling Plugin WordPress plugin before 20.3.1 does not escape the Staff Full Name field before outputting it back in a page, which could lead to a Stored Cross-Site Scripting issue
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0