Vulnerabilities

CVE-2022-1710

by Fred · 13/06/2022

The Appointment Hour Booking WordPress plugin before 1.3.56 does not sanitise and escape a settings of its Calendar fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed.

Date published : 2022-06-13

https://wpscan.com/vulnerability/ed162ccc-88e6-41e8-b24d-1b9f77a038b6

Similar

Tags: Cybersecurity Alert