CVE-2024-6930 | WP Booking Calendar Plugin up to 10.2.1 on WordPress Shortcode bookingform cross site scripting

Posted by Angelo Barbosa | Jul 24, 2024 | CVE

A vulnerability was found in WP Booking Calendar Plugin up to 10.2.1 on WordPress. It has been classified as problematic. Affected is the function bookingform of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2024-6930. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-6930 | WP Booking Calendar Plugin up to 10.2.1 on WordPress Shortcode bookingform cross site scripting

Related Posts

CVE-2024-2743 | GitLab up to 17.1.6/17.2.4/17.3.1 authorization (Issue 451014)

CVE-2024-6932 | ClassCMS 4.5 order cross site scripting

CVE-2024-37142 | Dell Peripheral Manager up to 1.7.5 Symbolic Links uncontrolled search path (dsa-2024-242)

CVE-2024-29887 | Serverpod up to 1.2.5 serverpod_client certificate validation (GHSA-h6x7-r5rg-x5fw)