Vulnerability Details CVE-2018-5670
An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php sale_conditions[count][] parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.2%
CVSS Severity
CVSS v3 Score 4.8
CVSS v2 Score 3.5
References
Products affected by CVE-2018-5670
-
cpe:2.3:a:booking_calendar_project:booking_calendar:2.1.7