CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2019-13505 – Appointment Hour Booking – WordPress Booking Plugin <= 1.1.45 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2019-13505
The Appointment Hour Booking plugin 1.1.44 for WordPress allows XSS via the E-mail field, as demonstrated by email_1. El plugin Appointment Hour Booking versión 1.1.44 para WordPress, permite una vulnerabilidad de tipo XSS por medio del campo E-mail, como es demostrado por email_1. • https://github.com/ivoschyk-cs/CVE-s/blob/master/Appointment%20Hour%20Booking%20%E2%80%93%20WordPress%20Booking%20Plugin%20--%20stored%20XSS https://wordpress.org/plugins/appointment-hour-booking/#developers https://wpvulndb.com/vulnerabilities/9458 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18579 – Corner Ad < 1.0.8 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-18579
The corner-ad plugin before 1.0.8 for WordPress has XSS. El complemento de anuncios de esquina en versiones anterior a 1.0.8 para WordPress tiene XSS. • https://wordpress.org/plugins/corner-ad/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •