Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Etoile Web Design Ultimate Appointment Booking & Scheduling WordPress Plugin v1.1.9 and lower does not sanitize the value of the "Appointment_ID" GET parameter before echoing it back out inside an input tag. This results in a reflected XSS vulnerability that attackers can exploit with a specially crafted URL.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Etoile Web Design Ultimate Appointment Booking & Scheduling WordPress Plugin 跨站脚本漏洞
Vulnerability Description
WordPress 插件是WordPress开源的一个应用插件。 Etoile Web Design Ultimate Appointment Booking & Scheduling WordPress Plugin v1.1.9 存在跨站脚本漏洞,该漏洞将其回显到输入标签之前未清理“ Appointment_ID” GET参数的值。这导致反射的XSS漏洞,攻击者可以利用特制URL加以利用。
CVSS Information
N/A
Vulnerability Type
N/A