CVE-2018-5671

An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php extra_field1[items][field_item1][price_percent] parameter.

Link	Resource
https://github.com/d4wner/Vulnerabilities-Report/blob/master/booking-calendar.md	Exploit Third Party Advisory
https://wpvulndb.com/vulnerabilities/9012	Third Party Advisory

Configuration 1

cpe:2.3:a:booking_calendar_project:booking_calendar:2.1.7:*:*:*:*:wordpress:*:*

---

Published : 2018-01-13 12:29

Updated : 2019-03-05 06:04

---

NVD link : CVE-2018-5671

Mitre link : CVE-2018-5671

No products.

CWE-79