1 results (0.001 seconds)
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1
CVE-2022-1528 – VikBooking < 1.5.9 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2022-1528
The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.9 does not escape the current URL before putting it back in a JavaScript context, leading to a Reflected Cross-Site Scripting El plugin VikBooking Hotel Booking Engine & PMS de WordPress versiones anteriores a 1.5.9, no escapa de la URL actual antes de ponerla de nuevo en un contexto JavaScript, conllevando a un ataque de tipo un Cross-Site Scripting Reflejado • https://wpscan.com/vulnerability/d1e59894-382f-4151-8c4c-5608f3d8ac1f • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •