The WP Booking Calendar WordPress plugin before 10.6.3 does not sanitise and escape some of its Widgets settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
History

Thu, 07 Nov 2024 17:15:00 +0000

Type Values Removed Values Added
First Time appeared Wpbookingcalendar
Wpbookingcalendar wp Booking Calendar
CPEs cpe:2.3:a:wpbookingcalendar:wp_booking_calendar:-:*:*:*:*:wordpress:*:*
Vendors & Products Wpbookingcalendar
Wpbookingcalendar wp Booking Calendar
Metrics cvssV3_1

{'score': 4.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 07 Nov 2024 06:15:00 +0000

Type Values Removed Values Added
Description The WP Booking Calendar WordPress plugin before 10.6.3 does not sanitise and escape some of its Widgets settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Title WP Booking Calendar < 10.6.3 - Admin+ Stored XSS
References

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2024-11-07T06:00:05.843Z

Updated: 2024-11-07T16:38:23.471Z

Reserved: 2024-10-16T09:06:23.631Z

Link: CVE-2024-10027

cve-icon Vulnrichment

Updated: 2024-11-07T16:38:19.429Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-11-07T06:15:13.930

Modified: 2024-11-08T19:01:03.880

Link: CVE-2024-10027

cve-icon Redhat

No data.