Vulnerability Details CVE-2021-36855
Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability in Booking Ultra Pro plugin <= 1.1.4 at WordPress.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.2%
CVSS Severity
CVSS v3 Score 6.1
References
- https://patchstack.com/database/vulnerability/booking-ultra-pro/wordpress-booking-ultra-pro-plugin-1-1-4-cross-site-scripting-xss-via-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
- https://wordpress.org/plugins/booking-ultra-pro/
- https://patchstack.com/database/vulnerability/booking-ultra-pro/wordpress-booking-ultra-pro-plugin-1-1-4-cross-site-scripting-xss-via-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
- https://wordpress.org/plugins/booking-ultra-pro/
Products affected by CVE-2021-36855
-
cpe:2.3:a:bookingultrapro:booking_ultra_pro_appointments_booking_calendar:*