Security Advisory

CVE-2020-9371

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-03-04 18:11:35

Last updated 2024-08-04 10:26:16

Assigner mitre

State PUBLISHED

Description

Stored XSS exists in the Appointment Booking Calendar plugin before 1.3.35 for WordPress. In the cpabc_appointments.php file, the Calendar Name input could allow attackers to inject arbitrary JavaScript or HTML.

← Browse all CVEs View on cve.org ↗