CVE-2023-27918

Published: May 10, 2023

Modified: Jan 27, 2025

PUBLISHED

Description

Cross-site scripting vulnerability in Appointment and Event Booking Calendar for WordPress - Amelia versions prior to 1.0.76 allows a remote unauthenticated attacker to inject an arbitrary script by having a user who is logging in the WordPress where the product is installed visit a malicious URL.

Vendor	Product	Versions
TMS	Appointment and Event Booking Calendar for WordPress - Amelia	affected `versions prior to 1.0.76`

References

https://wordpress.org/plugins/ameliabooking/#developers

https://jvn.jp/en/jp/JVN00971105/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-27918

Description

Affected Products

References