CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-5671

An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php extra_field1[items][field_item1][price_percent] parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 43.2%

CVSS Severity

CVSS v3 Score 4.8

CVSS v2 Score 3.5

References

https://github.com/d4wner/Vulnerabilities-Report/blob/master/booking-calendar.md
https://wpvulndb.com/vulnerabilities/9012
https://github.com/d4wner/Vulnerabilities-Report/blob/master/booking-calendar.md
https://wpvulndb.com/vulnerabilities/9012

Products affected by CVE-2018-5671

Booking Calendar Project » Booking Calendar » Version: 2.1.7

cpe:2.3:a:booking_calendar_project:booking_calendar:2.1.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-5671

Products

Pricing

Contact Us