Vulnerability — CVE-2020-9371

CVE-2020-9371

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2020-9371
Description:: Stored XSS exists in the Appointment Booking Calendar plugin before 1.3.35 for WordPress. In the cpabc_appointments.php file, the Calendar Name input could allow attackers to inject arbitrary JavaScript or HTML.
Last updated date:: 10/06/2022

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/12/2020
Reference url to background: https://drive.google.com/open?id=1NNcYPaJir9SleyVr4cSPqpI2LNM7rtx9

Type:: exploit
Confidence:: HIGH
Date of publishing:: 10/06/2022
Reference url to background: http://packetstormsecurity.com/files/156694/WordPress-Appointment-Booking-Calendar-1.3.34-CSV-Injection.html