Back to search
CVE-2021-24930
Published: Dec 6, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
The WordPress Online Booking and Scheduling Plugin WordPress plugin before 20.3.1 does not escape the Staff Full Name field before outputting it back in a page, which could lead to a Stored Cross-Site Scripting issue
| Vendor | Product | Versions |
|---|---|---|
Unknown | WordPress Online Booking and Scheduling Plugin – Bookly | affected 20.3.1 - < 20.3.1 |
Weaknesses (CWE)
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now