Filtered by vendor Booking-wp-plugin
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-6891 | 1 Booking-wp-plugin | 1 Bookly | 2022-11-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| Bookly #1 WordPress Booking Plugin Lite before 14.5 has XSS via a jQuery.ajax request to ng-payment_details_dialog.js. | |||||
| CVE-2021-24930 | 1 Booking-wp-plugin | 1 Bookly | 2022-11-14 | 3.5 LOW | 5.4 MEDIUM |
| The WordPress Online Booking and Scheduling Plugin WordPress plugin before 20.3.1 does not escape the Staff Full Name field before outputting it back in a page, which could lead to a Stored Cross-Site Scripting issue | |||||